Connect with us

Cyber Security

Acronis #CyberFit Summit Dubai Gathers World-Class Experts Under One Roof

Published

on

Acronis has successfully concluded its #CyberFit Summit Dubai — the third stop in the Acronis World Tour, an ongoing industry event series dedicated to bringing cyber protection to businesses everywhere. Marking the start of the event, the company has released its annual Acronis Cyberthreats Report 2022, an in-depth review of cybersecurity trends and threats worldwide. The report warns that managed service providers (MSPs) are particularly at risk — having more of their own management tools, such as PSA or RMM, used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks. “

Supply-chain attacks on MSPs are particularly devastating since attackers gain access to both their business and clients — as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021, one successful attack means crippling hundreds or thousands of SMBs. The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked — as opposed to 32% last year — indicating that attacks are increasing in frequency across the board.

“The cybercrime industry is a well-oiled machine, using cloud and machine intelligence to scale and automate their operations. While the threat landscape continues to grow, we see that the main attack vectors stay the same — and they still work,” says Candid Wuest, Acronis VP of Cyber Protection Research. “While the attack surface is growing and 2022 will surely bring us surprises, cyber protection automation remains the only path to greater security, reduced risks, lower costs, and improved efficiency.”

Key trends of 2021 — and predictions for 2022
Beyond the growing efficiency of cybercriminals and the impact on MSPs and small businesses, the Acronis Cyberthreats Report 2022 shows:

  • Phishing remains the main attack vector. 94% of malware gets delivered by email — using social engineering techniques to trick users into opening malicious attachments or links, phishing has been topping the charts even before the pandemic. It still continues to grow rapidly: just this year, Acronis reported blocking 23% more phishing emails and 40% more malware emails in Q3, as compared with Q2 of the same year.
  • Phishing actors develop new tricks, move to messengers. Now targeting OAuth and multifactor authentication tools (MFA), these new tricks allow criminals to take over accounts. To bypass common anti-phishing tools, they will use text messages, Slack, Teams chats and other tools for attacks such as business email compromise (BEC). One recent example of such an attack was the infamous hijacking of the FBI’s own email service, which was compromised and started sending spam emails in November 2021.
  • Ransomware is still the #1 threat — to big companies and SMBs alike. High-value targets include the public sector, healthcare, manufacturing, and other critical organizations. But despite some recent arrests, ransomware continues to be one of the most profitable cyber attacks these days. Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
  • Cryptocurrency among the attackers’ favourite playing cards. Info stealers and malware that swaps digital wallet addresses are the reality today. We can expect more such attacks waged directly against smart contracts in 2022 — attacking the programs at the heart of cryptocurrencies. Attacks against Web 3.0 apps will also occur more frequently, and new and increasingly sophisticated attacks, such as flash loan attacks, will allow attackers to drain millions of dollars from cryptocurrency pools.

Growing need for cyber protection in MEA: two data centers opening
Overall, in terms of cybersecurity, this year was the worst on record; not just for many organizations, but for many countries as well — including the UAE, a country now pushing to fight the global “cyber pandemic.” And despite their best effort, as Acronis’ own recent survey shows, 25% of people in UAE still do not use any cyber protection tools.

Malware attacks remain a global phenomenon, and every country has to fight it. Reviewing the normalized malware detection in our research, we saw countries like Taiwan, Singapore, China, and Brazil with over a 50% detection rate. However, the Middle East and Africa (MEA) region also rank fairly high on the list, with the UAE at 38%; South Africa at 36%; and Saudi Arabia at 29%.

We see similar statistics for blocked ransomware attacks: the UAE ranked 33rd globally, responsible for 0.3% of all global detections — a 63%  increase from Oct 2021 — while South Africa ranked 30th globally, responsible for 0.4% of all detections — a 64% increase from October 2021.

While ransomware attacks are clearly on the rise in MEA, the high malware detection rates could mean that countries are paying more attention to cyber protection by upgrading their detection capabilities.

The Acronis #CyberFit Summit taking place as a hybrid event in Dubai, UAE on December 8th─9th aims to help local organizations and citizens build up their cyber defences. The platform engages world-class cybersecurity and industry experts and provides an in-depth look at how companies can enhance their IT infrastructure capabilities — with a particular focus on MSPs, the backbone of channel business.

Acronis is also using this platform to pre-announce the opening of two data centers in Africa — Nigeria and South Africa — opening in Q2 2022, helping to fulfill the company’s ongoing plan of building 110 data centres worldwide within two years.

Acronis Cyberthreats Report 2022
The Acronis Cyberthreats Report 2022 is based on examining attack and threat data collected by the company’s global network of Acronis CPOCs, which monitor and research cyber threats 24/7. Malware data was collected by more than 650,000 unique endpoints around the world running Acronis Cyber Protect — either as a client of an MSP using the solution or a business running the solution. The end-of-year update covers attacks targeting endpoints detected between July and November 2021.

The full report provides in-depth insights into the top cybersecurity and threat trends the CPOCs observed during the second half of 2021; a review of malware families and related statistics; a deep dive into ransomware’s most dangerous groups; the vulnerabilities that contribute to successful attacks; and Acronis’ security recommendations for 2022 and beyond. Check out the findings for the first half of 2021 in our Acronis Cyberthreats Report: Mid-year 2021.

Acronis #CyberFit Summit in Dubai, UAE
Remote work is here to stay, and so are the increased levels of sophisticated cyberattacks — and so it’s up to both companies and individuals to follow the best cyber protection practices available.

If you are keen to learn more about cybersecurity pain points and available solutions for businesses, register now for the Acronis #CyberFit Summit World Tour 2021. One platform that allows you to:

  • Attend result-focused virtual sessions for free and learn from world-class experts on cyber protection.
  • Enhance your MSP business’ cyber protection capabilities with advice from the top channel, cybersecurity, and industry experts.
  • Hear exclusive case studies of successful, profitable, and scaling MSPs and MSSPs.
  • Learn how to grow your business with cybersecurity-forward services.
  • Join hands-on, interactive workshops, insightful panels and breakouts, and inspiring keynotes — while enjoying IT channel networking opportunities.

Cyber Security

FortiGuard Labs Contributes to INTERPOL Multinational Cybercrime Suppression Operation in Africa

Published

on

Sharing threat intelligence and working with other threat intelligence organizations improves protections for customers and enhances the effectiveness of the entire cybersecurity industry.

Recently, FortiGuard Labs provided evidentiary support to INTERPOL and African Member countries as part of the Africa Cyber Surge Operation (ASCO) to help detect, investigate, and disrupt cybercrime through coordinated law enforcement activities, utilizing INTERPOL platforms, tools, and channels in close cooperation with AFRIPOL.

The ACSO is a multinational cybercrime suppression operation focused on identifying cybercriminals and compromised infrastructure in the African region. The INTERPOL Cybercrime Directorate and INTERPOL Support Program for the African Union (ISPA) collaborated with AFRIPOL and 27 INTERPOL member countries to leverage this intelligence and combat the growing threat of cybercrime across the continent.

The successful Cyber Surge operation and transfer of knowledge to multiple law enforcement agencies in the African region is the result of continued threat information sharing and trusted cooperation between INTERPOL, FortiGuard Labs, and other INTERPOL private partners.

FortiGuard Labs provided actionable threat intelligence over a six-month period, which consisted of botnet, command, and control (C2), and malware infrastructure research, including C2 and malware and botnet victims located within the African continent.

“The Africa Cyber Surge Operation, launched in July 2022, has brought together law enforcement officials from 27 countries, working together for almost four months on actionable intelligence provided by INTERPOL private partners,” Craig Jones, Director of the Cybercrime Directorate with INTERPOL comments. “This intelligence focused on opportunities to prevent, detect, investigate and disrupt cybercrime through coordinated LE activities utilizing INTERPOL platforms, tools, and channels. This operation focused both on cybercriminals and compromised network infrastructure in Africa, allowing member countries to identify more than 1,000 malicious IP addresses, dark web markets, and individual threat actors, enhancing cooperation between INTERPOL, AFRIPOL, and the member countries, and contributing to connecting policing for a safer world.”

“The Africa Cyber Surge Operation is a shining example of how shared threat intelligence on threat actors and joint operations across trusted partners can increase the cyber resilience of an entire region,” highlights Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, FortiGuard Labs. “It also shows how valuable cybersecurity training and education is to help close the cyber skills gap and effectively disrupt cybercrime at scale. We will continue to work with our private and public sector partners such as INTERPOL around the world to help make our digital world a safer place.”

For more than a decade, FortiGuard Labs has helped inform and protect customers, partners, and governments around the world. As a leader in the threat intelligence community, its mission is to provide the best threat intelligence designed to protect customers from malicious activity and sophisticated cyberattacks. The team is composed of some of the most knowledgeable threat hunters, researchers, analysts, engineers, and data scientists in the industry, working in dedicated threat research labs all around the world.

Fortinet has been an active member of the Global Cybercrime Expert Group and trusted partner to INTERPOL dating back to 2015 and became an INTERPOL Gateway partner in 2018. This ongoing collaboration has resulted in greater threat intelligence standards and protocols across the industry as well as impactful global cybercriminal takedowns.

In addition to INTERPOL, FortiGuard Labs is committed to partnership and cooperation with global law enforcement, government organizations, and industry organizations. Some of the global partnerships include being a founding member and regular contributor of the World Economic Forum’s (WEF) Centre for Cybersecurity as part of its Partnership Against Cybercrime (PAC), serving as a long-standing member of the NATO Industry Cyber Partnership (NICP), contributing to the development of STIX/TAXII protocols with MITRE & OASIS​, being an official Research Partner with MITRE Engenuity’s Center for Threat-Informed Defense (Center), co-founding the Cyber Threat Alliance (CTA), working in partnership with the computer incident response organization FIRST, and more.

Continue Reading

Cyber Security

Lookout Threat Lab Discovers Predatory Loan Apps on Google Play and Apple App Store

Published

on

Lookout, Inc. has announced the discovery of nearly 300 loan apps that exhibit predatory behavior such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment. These apps, which were found in Africa and Southeast Asia, as well as India, Colombia, and Mexico, purportedly offer quick, fully-digital loan approvals with reasonable loan terms. In reality, they exploit victims’ desire for quick cash in an attempt to ensnare borrowers into predatory loan contracts and require them to grant access to sensitive information on their devices such as contacts, phone history, and SMS messages — information that would not be required in a valid loan application process.

In addition to predatory requests for excessive permissions, many of the loan operators display scam-like actions. Victims have reported that their loans came with hidden fees, high-interest rates, and repayment terms that were much less favorable than what was posted on the app stores. Lookout Threat Lab also found evidence that the data exfiltrated from devices were sometimes used to pressure the customer for repayment – a common threat tactic to disclose a borrower’s debt or other personal information to their network of contacts.

In total, Lookout researchers uncovered 251 Android apps on the Google Play Store with more than 15 million collective downloads. The team also identified 35 apps on the Apple App Store that were in the top 100 finance apps in their regional stores. Lookout has been in contact with Google and Apple about these apps and, at the time of publishing, none of them are available for download.

“Mobile apps have made managing our lives a lot easier and are a convenient way to interact with businesses such as financial institutions. However, when entrusting any app with sensitive personal information, it is extremely important to stop and ask yourself if the information being requested makes sense and if the business behind the app is a trusted entity,” said Ruohan Xiong, senior security intelligence researcher, Lookout. “As these predatory loan apps have demonstrated, app permissions could easily be abused if users are not careful. While there are likely dozens of independent operators involved, all of these loan apps have a very similar business model – to trick victims into unfair loan terms and then extort payment.”

Continue Reading

Cyber Security

Dragos Participates in Global Security Forum in Riyadh

Published

on

Dragos, Inc. announced that it participated in the Global Cybersecurity Forum, held in Riyadh recently. The two-day event attracted cybersecurity experts and leaders from all over the world. Ben Miller, who represented Dragos as its Vice President of Services, spoke on the concluding day of the forum, about the threat of supply chain and third-party attacks. In his session, titled, “Pervasive and Insecure,” he discussed supply chain risk in critical infrastructure, examining the complex reality of third-party and supply chain attacks and sharing perspectives on the unseen vulnerabilities and how to address them.

Miller highlighted the complex nature of supply chain attacks, which potentially contain widespread vulnerabilities in the OT and industrial control systems (ICS). He outlined Dragos’ specific focus on the Kingdom’s supply chain risk in critical infrastructure including refineries and water treatment plants, as “Energy and water are specific focuses of ours in the region as they are critical not just to the economy but also to every person who lives here,” he said.

Giving an outline of the Dragos plan to help organizations detect and respond to the threat challenges posed to critical infrastructure in Saudi Arabia, he said, “We need to focus on educating the workforce, building a new understanding of how OT is different from IT, and gaining visibility and insights into what is happening in our critical infrastructure.” OT cybersecurity is in many ways a new field, he said.

“We need to communicate the needs of OT security as right now the concern exists but the specific needs aren’t well understood by asset owners. They do understand that digital transformation is happening and they need to secure it. I would focus on this business case and speak to the need for OT-specific monitoring, defensible architectures, and OT-specific incident response plans,” the Dragos official said.

Miller said supply chain attacks in critical infrastructure are complex with many suppliers, vendors, integrators, and long lifecycles that measure in decades. Commenting on the need to build industrial cyber resilience to keep such threats in check, he said: “The first challenge in the OT space is gaining visibility into what assets one has. You can’t defend something if you don’t know it exists.”

When it comes to safeguarding cyberspace, he had a few words of advice for Saudi Arabia, “The Kingdom should realize the potential challenges as early as possible. Commending the country’s efforts in cybersecurity. Over the last few years, Saudi Arabia has focused heavily on cybersecurity by investing in key programs and events such as the Global Cybersecurity Forum. The Kingdom of Saudi Arabia has impressed many by taking one of the world’s leading positions in developing and maintaining a cyber ecosystem. Therefore, the Kingdom now has a vantage point to bridge global cyber divides and ensure that cybersecurity benefits all societies in the region.”

A global expert in industrial cybersecurity himself, Miller joined other renowned thought leaders in the field, including Dr. Albert Antwi-Boasiako, Directory-General of the Cyber Security Authority, Ghana; Mary O’Brien, General Manager, IBM Security; Lothar Renner from Cisco Security; and Dr. Victoria Coates, Former Senior Advisor to the US Secretary of Energy.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.