Cyber-Threats are constantly evolving – Hatem Naguib, SVP & GM, Security Business, Barracuda Network
Cyber security has been identified as one of the key areas of development by Prime Minister Modi and is gaining significance given the impetus on Digital India, e-commerce and mobility. With demonetization cyber payments are on the rise and demand for cybersecurity is at an all time high. Year after year, cyberattacks continue to escalate in frequency, severity and impact. As per a report by PWC Indian organizations detected 117% more incidents over the previous year, shooting up from an average of 2,895 incidents to 6,284 incidents a year. This is a sharp deviation from the global trend, which saw a 39% increase in security incidents over the previous year. Cyber security impacts all organizations, from fledgling start-ups to billion-dollar multinationals. In the light of increasing incidents, Indian organizations are rethinking their cyber security requirements and preparing for advanced threats.
According to an Osterman Research sponsored by Barracuda Networks, Phishing and ransomware are very serious threats that can cause enormous damage to an organization’s finances, data assets and reputation. Both phishing and ransomware are increasing at the rate of several hundred percent per quarter, a trend that will continue for at least the next 18 to 24 months.
For detailed information we had a conversation With Mr. Hatem Naguib, SVP &GM, Barracuda Networks,
- How prevalent are insider attacks compared to external attacks?
An attack initiated from within the company’s network could be intentional or unintentional. If someone launches an attack with the aim of harming the organization, then it is considered an insider attack. While there are many reported cases of this type of attack, a more common type of attack that is initiated from within the network, is a result of people unintentionally opening malware or clicking on links that download malware on to their system, and subsequently launching the attack from within the networks.
- What are the most common password management mistakes that enterprises make?
The most common mistake is not having a password management policy. Employees need to be aware of the current security risks and to a degree how they work. Many people still stick their passwords on a Post-It note on their monitors! Another common error is that most people use the same password for almost all their accounts. Beyond employee level issues – many companies do not have password strength checks – like length, having a mix of alphabetical, numerical meta characters etc.
- What are best practices for addressing password security?
There are 2 aspects that organizations should look at
a. Firstly focuses on Employees
a. Educating the employees about remembering passwords and not writing them out and sticking it where everyone can see it.
b. Secondly focus on IT policies and procedures
a. IT teams should enforce a password policy that erequires password complexity
b. Use a password rotation policy, where passwords should be changed every 3 to 6 months depending on sensitivity of the data.
c. Finally, many organizations have open systems where people from outside the organization can login – these systems should be kept segmented from the corporate intranet where only employees connect.
- Is cloud banking safe in south Asian countries?
We work with many banks in South Asia. Many of them have very sound security practices at least from aspects of allowing customers acess thier internet banking portals. But as we all know security is only as good as the weakest link. Cloud banking implies web based applications on their part, and while the application might sit behind a good firewall, it should also be protected by a WAF (Web application Firewall) which is designed to both protect against web attacks, as well as to protect sensitive user information. Many Barracuda’s WAFs are currently deployed in the banking industry to protect bot users and applications from attacks.
- What are the new threats that consumers will be exposed to in 2017?
Cyber threats are constantly evolving, which requires that consumers be especially vigilant in preventing such attacks. Poly-morphic attacks continue to be highly effective as they have for many years. In that respect, it highly difficult what the next type of attack will be. What is more important is to have the right type of defenses in place to deal with them effectively as they happen. This requires that customers protect themselves from all threats across all threat vectors. Barracuda is well positioned to provide the necessary protection with it’s portfolio of security products, that are all protected with it “Advanced Threat Protection” technologies, that will remove all known and unknown threats.
- With cybercrime costs projected to rise to $2 trillion by 2019, will cyber-insurance finally become more commonplace?
It is hard to say – this is an insurance business decision. An insurance company will have a hard time determining how to price a policy based on the technology and education that has been put in place (and correctly configured) to protect users, companies and data. It just seems fraught with too many variables and problems. They might state minimum requirements, but even then it will be hard to manage or prove it was correctly maintained. Further breach forensics continue to be costly to the point that this likely falls out of the reach (cost wise) of most organisations.
- Ransomware combines malware infection with social engineering tricks to force victims to pay several hundred dollars to unlock their computers. A key to avoid falling into this scam is recognizing what is happening?
Yes while true, ransomware is just another type of malware. There are many ways that it can be exploited. Email is just one of them. While human education is important, ensuring that you have a comprehensive security posture is equally as important.
- Do you see the ransomware trend to keep strong throughout 2017 or do you feel that at some point this type of attack will become victim of its own success (better user awareness and law enforcement actions)?
Because cyber threats are always evolving, we don’t believe that the Ransomware trend will lose momentum in the coming years. Security analysts predict an average of 200 new variants of Ransomware per quarter with no signs of slowing well into 2023. It is a highly effective business!
- Ransomware is just one aspect of the global cyber-crime ecosystem in which exploit kits are king. Can you tell us a little bit about the trends you have observed in this area over the last couple of years?
It comes as no surprise that some malware strains have become household names in the last couple of years, with Cryptolocker, Locky, Cerber, and JigSaw being the most popular. Locky is probably the most notorious, known for its flexibility in using different modern programming kits that deliver threats via office documents. In 2016, we saw hundreds of thousands of documents used as attacks, though not all of them contained ransomware. Due to the prevalence of these at-risk documents, Barracuda introduced a new security layer to keep up with the sheer volume of incoming threats.
- How can Barracuda Networks help with the increasing cybersecurity breaches including Ransomware?
Today, cybercriminals leverage and exploit a variety of threat vectors, including email, network traffic, user behavior, and application traffic, to insert ransomware. Protecting yourself from a vulnerability through one of these vectors is a good start, but without a comprehensive security strategy that secures all vectors, from all the advanced threats, you are almost certain to fall victim.
Barracuda offers a collection of layered of security technologies that are implemented along the paths where attacks occur. Our Advanced Threat Protection (ATP) that overlays our security products include anti-virus and anti-malware, signature based and heuristics analysis, and advanced sandboxing technologies to mention but a few.
Barracuda network security solutions such as the NextGen Firewalls protect organizations against exposure to network and web-based attacks and scans downloads for malicious content (ATP).
Essentials for Office 365 protects organizations from email-borne threats, ransomware phishing, and other advanced persistent threats by leveraging ATP as well. It also protects data by backing it up directly to Barracuda Cloud Storage.
The Barracuda Web Security Gateway also provides multi layered security by deploying the WSG in the service chain by monitoring downloads and internet links for outbound command and control traffic. Upon detection, it will block all traffic from and to the connected device.
Occasionally, even the best defenses may be breached. If ransomware does get in, a robust backup strategy ensures a rapid and often cost effective path to recovery. Barracuda Backup automatically creates updated backups as files are revised, and duplicates them to the secure Barracuda cloud or to a private off-site location.
Barracuda provides a complete portfolio of solutions that work together to help you detect, prevent, and recover from ransomware attacks.