How Should APAC Organizations Protect Critical Data & Assets?


The ongoing effects of the COVID-19 pandemic are significantly impacting the security of businesses and individuals worldwide. While some industries have been severely hit, others are experiencing sudden and exponential growth in demand for their services.

Not surprisingly, this difficult time has become a breeding ground for cybercriminals, who are exploiting the pandemic crisis and our dependence on online services for various gains.


The Latest Threats

What are the latest cyberthreats CIOs need to be aware of in the APAC region?

Ransomware – The #1 risk to remote desktop services. Almost two-thirds of ransomware uses an infection vector based on RDP, and RDP is one of the most persistent services when it comes to account takeover attacks.

Enterprise servers are highly sought-after resources for malicious actors, as they can be abused for spam distribution, lateral movement, exfiltration of sensitive information followed by ransom demands, command and control servers for botnets, staging attacks against other organizations, cryptocurrency mining and, finally, deploying ransomware, sometimes as a last resort to monetize a successful breach after the previous scenarios have been tried and run dry.


Encrypted attack protection – More than 90% of web traffic is now HTTPS encrypted. While HTTPS is crucial for data protection, it opens the door for new DDoS attacks. HTTPS requires many more resources from the target server than the client, meaning hackers can unleash devastating attacks with limited requests. Protection against encrypted DDoS floods is a critical requirement.

Massive global capacity – Internet of Things (IoT) botnets are growing larger and more sophisticated and becoming more capable of launching larger attacks. They can be purchased on the dark net for relatively small sums, for example the cost of a cup of coffee. Botnets are a significant threat during the massive COVID-19 public health emergency.

Application layer (L7) DDoS attacks – These pose a unique challenge for DDoS defenses, as they require insight into application behavior, and it is difficult to tell whether a request is legitimate or malicious simply by looking at the network-layer traffic. Moreover, as more and more web traffic is encrypted by SSL and HTTPS, DDoS defenses are frequently unable to look at the contents of the packet itself.


As a result, many types of DDoS defenses are unable to tell the difference between a legitimate spike in customer traffic (for example, during a flash crowd or a holiday peak) and an actual attack. Examples of such attacks include HTTP/S floods, SSL negotiation attacks, low-and-slow attacks, HTTP/S bomb attacks and large file downloads.

Account takeover/credential theft – Compromised accounts have been traded for financial gain for years. Email addresses, passwords and credentials are low-hanging fruit, as they are relatively cheap and sold in bulk. Payment details are another favorite, with prices dictated by different parameters such as country of issue, credit score and more at the highest end.

The decisions and tools that organizations choose now, and the training they provide to their employees, will have enduring effects on security for years to come. It’s crucial that companies get it right.

Note: A version of this article first appeared in Intelligent CISO.

Read Radware's “2019-2020 Global Application & Network Security Report” to learn more.


Yaniv Hoffman


Yaniv Hoffman brings more than 20 years of experience in leading high-performance engineering and service teams, specialized in networking, cyber-security and cloud operations. Mr. Hoffman is the Vice President of Technologies. In this role he is responsible for APAC engineering teams (Pre-Sale, Post Sale, Architecture, Professional Services), and drives innovation in technical solutions and delivery while leading sales activities across the region. Prior to this role, he managed the global technical services in Radware, overseeing all customer engagements and customer success.
