Check Point® Software Technologies Ltd. a leading provider of cybersecurity solutions globally, is warning organisations in Ireland of a 242% surge in cyberattacks when globally, the figure is 40% in 2021 compared to 2020. What can Irish companies do differently? Check Point Software says now is the time to adopt a prevent-first approach.
There have been several high-profile cyberattacks in Ireland this year alone. Most recently, the National University of Ireland Galway (NUI Galway) fell victim to an attempted attack, causing widespread disruption to students and staff. And while there are promising initiatives happening, such as the Cyber Ireland National Conference, the 242% increase in cybercrime is a stark reminder that there is still a long way to go.
Check Point’s Country Manager for Ireland, Hugh McGauran says, “Clearly, Irish companies are attractive to hackers right now. However, we can absolutely reduce the risk of unknown attacks by implementing a prevent-first approach. This essentially means moving away from detection and response only, and neutralising attacks and malwares prior to the execution stage. If you think of the kill chain, the first step that a malware will take is to try and propagate and move laterally across your network as soon as it’s executing. But, if you can prevent it from executing in the first place, then all the efforts to trace, contain and remediate that damage are dramatically reduced.
“This is something even more important now than ever due to the cyber skills gap we currently have here in Ireland. If you can reduce the burden and eliminate a lot of the noise, then you can allow your smaller teams to focus on the real threats. To bring this into the context of the pandemic, whether you agree or disagree with the decisions of government, it really was a prevent-first strategy. The first thing most governments did was to ask everyone to separate – work from home, don’t go out if you don’t need to.
“The vaccine rollout is another layer of prevention. If we were to go back and use a detection and response approach only, then it would have centred around handing out thermometers and testing everyone – which doesn’t prevent anything. That would definitely have had a very different impact in terms of the infection rate, the load on hospitals and ultimately, the mortality rate. So, in cybersecurity, yes detection is important but if you can prevent something, why wouldn’t you?”
Hugh’s five tips for Irish companies looking to adopt a prevent-first approach:
Visibility: Know what is connected to your network.
Use block/prevent mode on high fidelity signatures. Tune said signatures based on devices within each network segment being protected to reduce false positives.
Automate threat detection and remediation.
Put in place guardrails to ensure configurations are properly maintained.
Train your staff to operate the technology properly and if that is not possible, work with a managed services partner to fill skill gaps.
EY Ireland is launching findings from theirGlobal Information Security Survey 2021 which includes Ireland
More than half of Irish cyber security teams (52%) fear they are exposed to a major breach which could be avoided if their businesses invested more in their cyber defences, according to the EY Ireland Global Information Security Survey 2021.
Cyberattacks are increasing in frequency and impact with 90% of Irish businesses saying they have seen a rise in disruptive attacks in the last 12 months compared to 72% globally.
Irish respondents feel more exposed than their global peers due to a shortfall in funding. Globally, 36% of respondents say they are more exposed to a major breach than they would be if their businesses had committed sufficient resources to their cybersecurity defences. In Ireland, the figure was 52%, with 44% stating that their budgets were too low to handle the new challenges which have emerged over the last 12 months.
Carol Murphy, EY Ireland Consulting Partner and Head of Technology Risk, commented:
“Cyber attacks are becoming more frequent, more damaging, longer lasting and harder to anticipate. Irish businesses overall express confidence in their ability to manage evolving threats. The majority (60%) say they are confident in understanding and anticipating new strategies used by bad actors, which is encouraging.
Where improvement can be made is by creating heightened awareness of these threats at board and executive level. There is a tendency for cyber security to get lost on the priority list and this can leave the entire business exposed. With the regulatory burden rapidly increasing, however, boards are beginning to wake up to the threat posed and to the level of resourcing required, and not before time”.
Barriers to Communication
Only 30% of Irish respondents feel that their executive management fully understands the value and needs of the cyber security teams compared to 42% globally.
The survey suggests relationships between the cyber teams and senior leadership within their organisations are underdeveloped. More than two-thirds (68%) of respondents say that their teams are sometimes consulted too late or even not at all when their organisations make strategic decisions.
Carol Murphy concluded:
“The GISS survey highlights a number of gaps between Irish businesses and their international counterparts. These are partly due to budgetary constraints but also stem from a lack of internal communication and a perceived disconnect between cyber security and executive teams.
Given the global public health emergency, it is understandable that allowances have been made in some cases to facilitate rapid implementation of working from home policies. As remote and hybrid working become part of normal working life, however, businesses need to address the resulting security gaps as a matter of urgency.”
No matter what type of business you might be running, the danger of cyberattacks is always present. According to thelatest trends, cybercrime will cost companies over $10.5 trillion every year by 2025. That’s why you should do whatever you can to secure your company’s data and servers. Most traditional methods such as antivirus and antimalware software often aren’t enough to prevent hackers from breaching your systems. That’s why you should think about investing in a proxy server, for example, a Japanese Proxy, and appear as a private user from another country. Stay with us, and we’ll explain everything in more detail.
Web Proxy? What is it?
But before we get to the benefits of using proxies, we first have to explain what they are. Proxy servers are privately owned servers found in locations all over the globe. Most proxy providers have a server in dozens of different countries and across all continents. These servers generate real IP addresses, and the more there are, the better. Every time you want to connect to the internet using a proxy, you connect through a proxy instead of connecting directly from your device. That gives you an extra layer of protection and can send hackers on a wild goose chase. Apart from that, proxies offer other benefits, but we’ll get to that in a moment.
What Proxies Do
Proxies act as a middleman between your device and the internet. When you want to access a website or a server, you leave your IP address. It works as a virtual postal address, and it helps the server send the information to the right place. That’s how the internet works. The problem is, once a website or server gets your IP address, they can easily find out your location, browsing preferences, and other personal information. Proxies simply switch your original IP with another located far from your original location, making it impossible to track you down. As a company, proxies can provide you withall kinds of benefits that will help you improve your operation and stay safe from cybercriminals.
Now we get to the good stuff – the benefits. As we already explained, proxy services hide your original location, making it much harder for anyone to track your online activity. However, they also provide some other benefits that will undoubtedly help your business in the long run. Here’s what you can expect.
Better Connection Speeds
Proxy servers remember the files and websites you frequently visit, speeding up your connection and loading time. So, instead of loading everything from scratch every time you go online, proxies will display the information you need much faster, freeing up the bandwidth and upping the loading time.
Bypass Geo-Restrictions
You can also use proxies to bypassgeo-restrictions and internet censorship. Some areas of the world limit the data and type of files you can access. For example, you can’t access some of the content in Japan, while Japanese people can. But, if you get a Japanese proxy, you’ll be able to use all Japanese websites even if you’re not in Japan. Employee Internet Usage Control You can also use a proxy server to limit internet use within your company. For example, you can create a list of websites or areas in the world you want to block. The proxy will simply prevent your employees from loading those websites while at work.
Common Business Uses
Now, when it comes to business uses, proxies have a very wide application. Professional proxy services like SmartProxy, offering over 100M+ residential IPs covering 195+ countries, are tailored to meet the needs of large-scale concurrent data collection and precise geolocation. They are mostly used for common practices such as competition monitoring, web scraping, gathering user reviews on your brand, and so on. Here are a few more applications:
Web Scraping
Finding the right information you need to improve your business is crucial for your success. However, most of your competitors and websites will try to prevent you from scraping their data. They can block you once they know your IP address, but if you mask it with a proxy, you’ll appear as a different user, so they won’t know who to block.
Better Security
Knowing what websites your employees visit and limiting their choice will go a long way in protecting your sensitive information. Not only that, since no one will be able to track your online activities, you will drastically reduce the chances of a cyberattack.
Conclusion
Proxy servers are definitely a must if you want to stay safe and hidden from cybercriminals. However, they can also help you conduct web scraping projects without interference, speed up your website, limit internet use within the company, and of course, help you bypass geo-limitations. Just like the example with a Japanese proxy. If you are interested in various proxy pools, visit Oxylabs website and learn more about proxies in multiple locations around the world.
Remote working and the threat of cyber-attacks are the number one data protection concern for 65% of Irish companies in 2021. This is according to a new survey from the Association of Compliance Officers Ireland (ACOI) which sought to understand the current data protection risks facing companies – 85% of whom have more than 75% of their workforce currently working from home. The survey of more than 250 organisations – answered by ACOI members with responsibility for compliance in financial organisations throughout the country, revealed that the mobile workforce arrangements, necessitated by the pandemic since last year, have left employers feeling increasingly vulnerable to data protection breaches.
Speaking of the findings Michael Kavanagh, CEO of ACOI,
“It’s abundantly apparent from this survey that remote working is a major issue facing firms this year when it comes to data protection, with 34% of businesses voicing their concerns around the risks associated with it. Given how intertwined the two things are it is perhaps unsurprising that risk of cyber-attack was cited by 31% of respondents as the biggest concern. Indeed, the two are not mutually exclusive, with remote working increasing organisations’ vulnerability to attacks.
85% of our respondents have more than 75% of their workforce out of the office at the moment and while the survey suggests that the remote working landscape will certainly not look the same in 12 months, it is clear that the intricacies of having a national mobile workforce is something that all organisations will have to consider, both now and into the future, as flexibility around where people carry out their various roles becomes a key feature of modern day business.”
The remote working risk
The ACOI report that in the last 12 months many organisations have had to reassess their data security systems to adapt to new levels of cyber risk to internal assets and data, and urge that any that have yet to do so, need to move with some immediacy to rise to the data protection challenges of an off-site workforce. When asked ifthe risk of cyber-attack hasbecome a greater consideration since the redeployment of staff to home-based working, 89% of respondents said it has, to varying degrees.
Mr. Kavanagh commented,
“Redeploying employees to work from home has “considerably” increased risk for 37% of organisations, while 52% said it had increased risks “a little”. What’s interesting is that when we asked the same question last year 10% fewer organisations felt the risk had increased “considerably”. This would suggest that the recognition of, appreciation for, and experience of, risk is growing.
The context for cybercrime and cyber-attack in Ireland is constantly evolving. PWC’s Irish Economic Crime Survey 2020[1] found that 69% of firms in Ireland have experienced cybercrime in the last 24 months, and that the incidence of cybercrime in Ireland (69%) is double that experienced by global companies (34%). The report also outlines that Ireland is now Europe’s largest data hosting cluster, putting the need for elevated cybercrime and data protection systems into sharp focus.”
The ACOI advise that regulators in Ireland and around the world have been constantly updating and issuing new guidance to firms in response to emerging cyber security issues, such as fake documentation, the reliability of information sources, and data privacy and protection. While the level of risk varies according to the sector, it is widely accepted among the financial services sector that COVID-19 has led to heightened risks in relation to money laundering and cyber-attacks.
Detect and Protect
Mr. Kavanagh explains that there are ways for compliance professionals to detect and mitigate the increasing level of risk from cyber-crime that the business world is seeing.
“Whether it’s keeping your software and security systems up to date, running regular checks, or introducing more complex processes such as two-step authentication to your transactions and communications, there are small steps that businesses can take that will help detect and protect them from cyberthreats. However, a combination of technology and human resources will always be the best approach to maintaining cyber-safe and secure working practices and operational environments.”
Appendix
What is the number one data protection risk for your company in 2021?
Remote working 34%
Cyber-attacks 31%
New rules around International data transfers – Schrems II 13%
The volume of staff training needed 8%
Brexit 7%
Anti-Money Laundering and Counter Financing of Terrorism obligations 7%
Approximately what percentage of your organisation’s staff are now working remotely?
100% 40%
Between 75 – 100% 45%
Between 50 – 75% 3%
Between 25% – 50% 4%
50% 2%
Less than 25% 6%
Approximately what percentage of your organisation’s staff are likely to be partially or fully working remotely in 12 months?
Between 50 – 75% 38%
Between 75 – 100% 25%
Between 25% – 50% 14%
50% 8%
Less than 25% 8%
100% 7%
Has financial crime and the risk of attack become a greater consideration since some of your workforce have been redeployed to work at home?
Yes, it has increased the risks a little 52%
Absolutely, it has increased the risks considerably 37%
HP today released its 2021 predictions on how security threats – such as human-operated ransomware, thread hijacking, unintentional insider threats, business email compromise and whaling attacks – are set to increase in the next 12 months.
“Organizations have had a tough 2020, and in Ireland specifically, the financial services and healthcare sectors have been particularly vulnerable to attacks. The shift to remote working has widened the attack surface and made life even more difficult for security teams, meaning the days of the hardened perimeter are behind us. Now, more than ever, organizations need to shift their focus to delivering protection where it is most needed: the endpoint. Over the course of 2020, we have seen hackers become increasingly targeted, while also using sophisticated lures to trick users into engaging in risky behaviours. Over the next 12 months we will see more of the same, with targeted and sophisticated attacks directed at users and endpoints,”
Gary Tierney, Managing Director at HP Ireland. “Organizations cannot afford to close their eyes and hope for the best in 2021, which is why it’s critical that they adopt a protection-first approach to endpoint security to keep them a step ahead of cybercriminals.”
HP’s cybersecurity experts including – Julia Voo, Global Lead Cybersecurity and Tech Policy; Joanna Burkey, CISO; Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Labs; Dr Ian Pratt, Global Head of Security for Personal Systems; and Alex Holland, Senior Malware Analyst – and experts from HP’s Security Advisory Board – Justine Bone, CEO at MedSec; and Robert Masse, Partner at Deloitte – all gave their predictions for the year ahead.
Weakened organizational security will lead to more unintentional insider threats
The dramatic changes to how we work in 2020 and the shift to remote working will continue to create challenges, says Julia Voo: “COVID-19 has weakened organizational security. Remote access inefficiencies, VPN vulnerabilities and a shortage of staff that can help the business adapt means data is now less secure.” From a cybercriminal’s perspective, the attack surface is widening, creating more opportunities, as Joanna Burkey explains: “We can expect to see hackers identifying and taking advantage of any holes in processes that were created, and still exist, after everyone left the office.”
Boris Balacheff points out that this also means that home devices will be under increased pressure: “We have to expect home infrastructure will be increasingly targeted. The scale at which we operate from home increases the incentive for attackers to go after consumer IoT devices and pivot to business devices on the same networks. And as we know, if attackers are successful with destructive attacks on home devices, remote workers won’t get the luxury of having someone from IT turning up at their door to help remediate the problem.”
Burkey also believes there will be more unintentional insider threats: “With employees working remotely, the lines between work and personal equipment are blurred, and innocent actions – such as reading personal email on a company machine – can have serious consequences.” Overall, the pandemic has increased the risk of employees making errors, as Robert Masse explains: “If you view the pandemic as a war experience, then organizations will be dealing with employee burnout. This can lead to an increased risk of errors in judgement.”
Human-operated ransomware attacks will remain an acute threat
Ransomware has become the cybercriminal’s tool of choice, and this is likely to continue in the year ahead, comments Burkey: “What we’ll see is a rise in ransomware-as-service attacks where the threat is no longer the ‘kidnapping’ of data – it’s the public release of the data.”
The rise of ransomware has fueled the growth of an ecosystem of criminal actors who specialize in different capabilities needed to pull off successful attacks. Malware delivered by email, such as Emotet, TrickBot and Dridex, are often a precursor to human-operated ransomware attacks. “To maximize the impact of an attack, threat actors use their access to compromised systems to deepen their foothold into a victims’ networks. Many crews use offensive security tools to gain control of a victim’s domain controllers, which are often the best point in a network to deploy ransomware,” explains Dr Ian Pratt.
This trend is of particular concern to those in the public sector, as Alex Holland explains: “The rise of ‘double extortion’ ransomware, where victim data is exfiltrated before being encrypted, will particularly hurt public sector organizations, who process all manner of personally identifiable information. Even if a ransom is paid, there is no guarantee that a threat actor won’t later monetize the stolen data.”
Greater innovation in phishing will see thread hijacking and whaling attacks
In 2021, there will be more innovative phishing lures designed to trick users and make attacks harder to identify. “The most innovative mass phishing technique we see is email thread hijacking, which is used by the Emotet botnet. The technique automates the creation of spear-phishing lures by stealing email data from compromised systems. This data is then used to reply to conversations with messages containing malware, making them appear very convincing,” explains Dr Ian Pratt. We can also expect to see more of these attacks targeting individuals working remotely, says Justine Bone: “Thanks to everything relying on strong authentication, as opposed to in-person presence, there is more opportunity for hackers to engage in social engineering to trick employees into divulging credentials.”
The prospect of continued social isolation has encouraged people to share more personal information online, which cybercriminals can weaponize. “Whaling, a form of highly targeted phishing attack aimed at senior executives, will become more prominent with cybercriminals able to take personal information shared online to build convincing lures leading to business email compromise fraud,” comments Masse. Many of these phishing emails will continue to exploit people through fear, according to Voo. “New fears will be used to drive people to open malicious emails – whether it’s COVID vaccines, financial concerns related to the lockdown and any political instability.”
Hackers will tailor attacks to target specific verticals – in particular, critical infrastructure, pharma and healthcare, Industrial IoT and education
One of the most at-risk verticals in 2021 will be healthcare. “Healthcare has been a perfect target – society depends on it and these organizations are typically under-resourced, change-averse and slow to innovate. Education also fits this criterion and could be another prime target,” says Bone. However, this threat extends beyond hospitals and doctor’s surgeries into more critical areas. “Due to the race to develop a new vaccine, pharmaceutical companies and research facilities will also continue to face adverse risk,” comments Masse.
But the next 12 months will also see other targets come into consideration for hackers. “Car makers, particularly EV companies, will become bigger targets as they grow in prestige and profitability, and we can also expect to see critical infrastructure and the Industrial Internet of Things continue to be in hackers’ crosshairs,” explains Masse.
Zero trust is here to stay, but needs to be implemented in a way that is transparent to the user
Zero trust as a concept isn’t new, but the increase in remote working means that it is now a reality that organizations need to accept. “The traditional ways of securing access to the corporate network, applications and data are no longer fit for purpose. The perimeter has become obsolete. Over the years the workforce has become more dispersed, and SaaS adoption has risen – this means critical data is being hosted outside the enterprise firewall. The time has come for organizations to start protecting against the unknown, which means utilizing zero trust, but in a way that is transparent to the user,” comments Pratt.
COVID-19 will be a key driver behind zero trust adoption and also means we’ll see greater innovation in this area. “Zero trust is the best defensive approach for enabling remote working, but for identity and access management to be seamless it needs to be easy to use. Quality authentication methods are a key enabler of zero trust, which is why technologies such as biometrics will be expected by end users in the future,” comments Bone.
A new approach to security is needed
“2020 demonstrated that is has become critical to manage highly distributed endpoint infrastructure,” comments Balacheff. “Organizations need to accept that the future is distributed. Everything from remote workers’ devices to industrial IoT devices have become the new frontlines of the cybersecurity battleground in our increasingly cyber-physical world. To meet this challenge, organizations need to re-think their security architectures and controls, and embrace the necessary innovation in technology and processes to help them support this new environment. For example, modern hardware technology exists that can help not only protect but also recover employees remotely and securely in the face of destructive attack like those we have seen in the last few years.”
“Organizations face a huge security challenge in the year ahead, with cybercriminals becoming savvier about how to extract the most value out of victims,” comments Ian Pratt. “Relying on detection alone will only result in an unsatisfactory outcome for the organization, so a more architecturally robust approach to security is required; one that builds protection in from the hardware up. Hardware-enforced technologies like micro-virtualization are transparent to the end user – this means they can click on email attachments and download files as they normally would, but are safe in the knowledge that if anything is malicious, it is rendered harmless. This protection-first approach leaves hackers with nothing to steal and no way to persist, helping organizations to deal with the variety of threats 2021 and beyond will throw at them.
