In his keynote address at the Check Point Software Technologies <SECURE> APAC virtual conference, Gil Shwed, Chairman and CEO of Check Point Software Technologies explained the importance for organisations to have a clear roadmap of their approach to security, post-COVID-19.
“Organisations need to create unified security across everything – cloud, IoT, servers, etc. They can’t afford to have too many systems of security for all the different parts of the organisation. It will also be too much to deploy and manage. For example, cloud security, endpoint security and such. They need to avoid buying different security for different functions”, said Gil.
He explained that this will not only save companies cost and time but also improve security itself as the level of security for a unified approach will be much higher. The sharing of information, alerts and security tools are all improved and will span across all elements which are critical for organisations today.
Interestingly, Gil also pointed out how COVID-19 has led to the creation of a cyber pandemic. Unlike the biological pandemic of COVID-19, the cyber pandemic spreads much faster and can cause more problems for everyone.
This is already happening in the last few months, whereby Check Point was able to prevent cyber attacks on businesses. This includes working with other tech companies like Microsoft in detecting the vulnerabilities in DNS servers, which can be easily exploited to take down an entire organisation.
As 2021 approaches, Gil said that organisations should now focus more on building their security architecture. IT teams around the world have already done an amazing job of getting everyone to work from home in a short period of time. The next step for companies now is to ensure they have the right tools and security for remote working.
“Security is still not where it should be. Many remote workers are still working in unsecured environments and there is a lot of information leaving the office without being realised. Businesses have already stabilised the environment. They now need to focus on securing it”, added Gil.
At the same time, Gil also pointed out how the Internet has become a lifesaver and the most critical element during this crisis. Apart from some service problems by internet providers, the internet has pretty much sustained the entire change of lifestyle and workload increases. Businesses have also invested more in capacity and bandwidth and will most likely only continue doing so as more reliance on the Internet is needed”.
The Same Big Problem – Cybersecurity
According to Ashwin Ram, Security Engineer and Check Point Evangelist, the Asia Pacific region saw the highest crypto-jacking cases. Globally, Emotet continues to be the most used malware. It has not only evolved to be more dangerous but has also the ability to adapt to any tech campaigns.
Emotet is being used to distribute other malware as it is clever enough to stay hidden, making it a chaotic problem for businesses. As most malware is delivered via email, Ashwin suggested that organisations have a sandbox and added security controls to help detect malware.
Check Point Research, which provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community highlighted how COVID-19 has evolved into a successful cyber attack theme. Cybercriminals launched around two hundred thousand attacks per week, mostly adapting phishing campaigns based on the stages of the pandemic.
Check Point’s researchers discovered 16 different malicious apps, all masquerading as legitimate coronavirus apps, which contained a range of malware aimed at stealing users’ sensitive information or generating fraudulent revenues from premium-rate services. It’s important to note that none of the malicious apps were found on an official app store. They were offered from new Coronavirus-related domains, which researchers believe had been created specifically with the aim of deceiving users.
With remote working still ongoing, many organisations opt for a VPN to allow their employees to have more access to their workloads. Unfortunately, Ashwin pointed out that VPN applications have a vulnerability that allows attackers to launch all sort of cyber attacks. They have the potential to allow attackers into the corporate environment. He added the Internet Index showed a 41% increase of remote desktop port services exposed to the internet.
For businesses investing in cybersecurity, they need to make sure they invest in tools that are effective, especially with IoT devices representing a large attack surface.
“IoT devices are not designed to fight cyber attacks. Most of them have legacy firmware and OS systems. They have weak and known passwords. And those with complex passwords can be found on the dark web. Many organisations are not aware of the IoT devices in their environment. They need to focus on tech that gives them the ability to automatically secure these devices and provide more visibility”.
At the conference, Itai Greenberg, VP Product Management for Check Point also highlighted Check Point’s Infinity Next, the cybersecurity architecture to secure everything. With the consolidation of security on the agenda for most organisations, Check Point Infinity is the only fully consolidated cybersecurity architecture that protects your business and IT infrastructure against Gen V mega cyber attacks across all networks, endpoints, cloud and mobile.
The architecture is designed to resolve the complexities of growing connectivity and inefficient security. It provides complete threat prevention which seals security gaps, enables automatic, immediate threat intelligence sharing across all security environments and unified security management for utmost efficient security operation.
By adopting a consolidated security approach with Check Point Infinity architecture, businesses can ensure preemptive protection against advanced fifth-generation attacks, while achieving a 50% increase in operational efficiency and a 20% reduction in security costs.