Dubai: 2020 wasn’t just the year of COVID-19 – cyber threats have escalated throughout the year and more as people spend lives interacting through digital screens.
There were more than 10 million Distributed Denial of Service (DDoS) attacks worldwide last year, and the United Arab Emirates alone saw a 183 percent rise, according to Help AG, the cybersecurity arm of Etisalat.
“This increase has made DDoS attacks by far the most prevalent form of cybersecurity threats faced by organizations today,” said a report from Help AG.
The government, private sector, oil and gas, telecommunications, and healthcare sectors faced a particularly harsh attack, with attacks targeting specific clients using different attack patterns.
“The public and private sectors around the world are facing unprecedented levels of digital threats that are increasing year after year,” said Stefan Berner, CEO of Help AG.
A DDoS attack is an attempt to disrupt the normal traffic of a target server, service, or network by flooding the target or surrounding infrastructure with a flood of Internet traffic. Attacks are also increasing in volume, with the largest attack observed in the UAE, at 254.3 Gbps.
The most important threats
In 2020, Help AG identified a common tactic used by many actors in the threat field, using DDoS attacks as a mechanism to distract surveillance and security response teams, before implementing a ransomware attack. Help AG has also identified a set of ransomware threats that take advantage of the features included in Windows 10 to initiate attacks.
Ransomware attacks have also increased, thanks in large part to their high success rates, which can be attributed to their relative simplicity and immediate impact on affected businesses, as well as the fact that many organizations are still paying the ransom. This encourages malicious actors to continue to use this attack method.
The past year has seen a significant rise in the number of vulnerabilities discovered, with a total of 18,353 identified according to the NIST National Vulnerability Database, and a particular increase in critical and high-risk vulnerabilities.
Vulnerabilities also increased that do not require user intervention to exploit them. Government agencies were the hardest hit, followed by banking, finance, manufacturing, healthcare, education and technology, with a significant rise in vulnerabilities in the Industrial Control System (ICS).
There has been a major incident or new security vulnerability identified nearly every month of the year, highlighting the growing need for Zero Trust Network (ZTNA) access to become an industry standard for cybersecurity.
Help AG has identified a number of areas that have seen significant investment over the course of 2020. Security infrastructure such as next-generation firewall platforms, application protection solutions, and DNS security solutions have seen significant investments, as have secure remote access systems including VPN, SASE and Proxy. And email security and insider threat monitoring, which collectively enjoyed growth of over 300 percent year-on-year.
Additionally, organizations have invested heavily in managed cyber defense and security operations center enhancement, specifically in areas that included SIEM solutions, network discovery and response solutions, protection / detection and response solutions, and vulnerability management.
Over the past year, both Security Access Service Edge (SASE) and Secure Cloud Enablement have seen increased uptake by organizations across all sectors of the industry. The report predicts that these technologies will see continued focus, including SD-WAN security, email and applications, endpoint security, micro-segmentation, Managed Security Services (MSS), and SME security.
“Cybersecurity is not an individual proposition.” “It takes collaboration between all responsible actors in the government and private sectors to improve the digital security landscape in the region,” said Nikolai Soling, Chief Technology Officer at Help AG.