Four steps for cyber resilience in the new normal

By GovInsider

Evan Dumas, Check Point’s Regional Director for South East Asia, shares how to build a robust security posture for a post-Covid world.

As Covid-19 rages on, nations face a similarly challenging cyber pandemic. The FBI reported up to 4,000 cybersecurity complaints a day - a whopping 400 per cent increase from pre-pandemic days. The pandemic has “dramatically reshaped the inter-state cyber arena”, says Evan Dumas, Check Point’s Regional Director for South East Asia.


It has become more urgent than ever for countries to rethink and adapt their existing security policies. Dumas shares four tips for governments to boost cyber defenses and prepare for new risks in a post-Covid world.


1. Bolster your defenses


More countries are using “offensive cyber tools to carry out national intelligence gathering” during the pandemic, Dumas says. In February, a North Korean-affiliated threat group conducted a malware operation against South Korean organisations under the guise of Covid-19 related news, he adds.


A Pakistan-based threat group also sent out a fake health advisory to spread malware. The email was disguised as coming from the government of India, and attempted to steal credentials from victims’ browsers. The group, APT 36, was able to compromise Indian military and government databases to steal sensitive data in the past, said researchers.


As the cyber battlefield grows increasingly hostile, governments need to have the right defenses in place, says Dumas. Check Point SandBlast Agent protects against such attacks by putting every downloaded file through a sandboxing process. The file is ‘quarantined’ until it is deemed safe, ensuring that users receive files without any malware or ransomware.


2. Secure the cloud


Cloud services bring scalability, agility, and cost effectiveness. They have been the “engine” that allowed organisations to rapidly transition to remote working, says Dumas. But cloud continues to be “a lucrative target for threat actors” - whether it is through infrastructure vulnerabilities, direct attacks on service providers, or misconfiguration and user errors, he says. This risk has been heightened in the new normal.


Now is a good opportunity for governments to revisit security protocols, says Dumas. The many rapid changes in infrastructure and processes may create new blind spots that must be spotted and resolved. Check Point equips security teams with visibility into all traffic and threats, says Dumas.


This empowers analysts with the awareness of what’s going on in the entire environment, so they can mitigate risk and maintain security for the cloud, says Dumas. Check Point Cloud Security Posture Management integrates with different cloud infrastructures to guard against the most sophisticated cyberattacks. Its CloudGuard can also be deployed in a single click, making it easy to scale and expand services without compromising security.


3. Guard your mobile


Mobile threats are also increasing in scale and sophistication, says Dumas. “Using smartphones and tablets to access critical services and information on the go has many benefits, but can also expose sensitive data to risk.” Check Point has seen an increasing number of malicious applications on the Google Play store.


Malicious software known as EventBot, for instance, is designed to intercept SMS authentication messages used by more than 200 financial applications in the US and Europe. Mobile devices must be secured with the relevant solutions as well, cautions Dumas. Threat detection and prevention are key to protecting devices from unknown threats.


4. Step up threat detection


As the old cliche goes, prevention is better than cure. “Real-time prevention of threats, before they can infiltrate the network, is the key to blocking future attacks,” says Dumas. According to a recent IBM report, organisations took an average of 280 days to identify and contain a data breach in 2020.


That cost them a million dollars more than if they had contained the breach in less than 200 days. Artificial intelligence and machine learning must be incorporated to detect and prevent attacks before they happen, says Dumas. When a mobile application is downloaded, Check Point’s SandBlast Mobile uses AI to analyse its reputation, behaviour, and similarity to malicious apps. Half of the applications blocked by the solution were unknown to other antivirus vendors, he adds.


“The ultimate goal for most governments would be to better understand their current security posture, eliminate blind spots and minimise attack surfaces,” says Dumas. More collaboration between the public and private sectors will help to achieve this aim. The cyber arena will only get more ruthless and unforgiving. Intelligent and predictive solutions, along with greater collaboration between the public and private sectors, will help nations stay ahead of this battle.