Dubai: 2020 wasn’t just the year of the COVID-19 – cyber threats spiked throughout the year and more so as peoples’ lives were spent interacting through digital screens.
There were more than 10 million Distributed Denial of Service (DDoS) attacks worldwide last year, and the UAE alone saw an 183 per cent spike, according to Help AG, the cybersecurity arm of Etisalat.
“This increase has made DDoS attacks by far the most prolific form of cybersecurity threats faced by organizations today,” said the report from Help AG.
The government, private, oil and gas, telecom and healthcare sectors faced a particularly harsh onslaught, with attacks targeting specific customers using varying attack patterns.
“Public and private sectors across the world are facing unprecedented levels of digital threats which are only increasing year-on-year,” said Stephan Berner, CEO at Help AG.
A DDoS attack is an attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. The attacks are also increasing in scale, with the largest one observed in the UAE measured at 254.3 Gbps.
Top threats
In 2020, Help AG identified a common tactic employed by multiple threat actors, using DDoS attacks as a mechanism to distract security monitoring and response teams, before executing the ransomware attack. Help AG also identified a ransomware threat group leveraging built-in features of Windows 10 to initiate attacks.
Ransomware attacks
Ransomware attacks too have been rising, largely thanks to their high rates of success, which can be attributed to their relative simplicity and their immediate impact on an affected business, as well as the fact that many organizations still end up paying the ransom. Which encourages the malignant actors to continue utilizing this attack method.
Vulnerabilities
Last year saw a significant rise in the number of vulnerabilities discovered, with a total of 18,353 identified as per the NIST National Vulnerability Database, and a particular increase in critical and high severity vulnerabilities.
Vulnerabilities that required no user interaction to exploit also increased. Government agencies were the most affected, followed by banking and finance, manufacturing, healthcare, education, and technology, with a significant rise in industrial control system (ICS) vulnerabilities.
VPN attacks
There was a major incident or new vulnerability identified in almost every single month of the year, highlighting the increasing need for Zero Trust Network Access (ZTNA) to become an industry standard for cybersecurity.
Help AG has identified a number of areas which saw significant investment over the course of 2020. Security infrastructure such as next-gen firewall platforms, application protection solutions and DNS security solutions saw major investment, as did secure remote access systems including VPN, SASE, Proxy, email security, and insider threat monitoring, which collectively enjoyed an over 300 per cent growth year-over-year.
In addition, organizations invested heavily in managed cyber defense and strengthening the Security Operations Centre triad, specifically in areas that included SIEM solutions, network detection and response solutions, endpoint protection/detection and response solutions, and vulnerability management.
New tech
Over the past year, Security Access Service Edge (SASE) and Secure Cloud Enablement have both seen increased uptake by organizations across all industry verticals. The report predicts that these technologies will see continued focus, including secure SD-WAN, email, application and endpoint security, micro-segmentation, Managed Security Services (MSS), and SMB security.
“Cybersecurity is not a one-man show. It takes collaboration amongst all responsible actors in the government and private sectors to improve the region’s digital security landscape,” said Nicolai Solling, Chief Technology Officer at Help AG.
