Why Business Continuity Plans Must Start With Security
Table of Contents
Cybersecurity CTO &
Executive Advisor, APJ
Remote Access, a security nightmare!
Consider how many of us rushed to prepare for BCP to stop the spread of COVID-19, this threat has impacted our work differently than what most business continuity plans are prepared to handle.
With most of us working from home at the moment, there are certainly a number of challenges involved with keeping business operations running. Unfortunately, a growing number of cybercriminals are seeking to leverage the current situation for their own gain.
Since January, we have seen approximately 51,000 websites registered using words relating to ‘coronavirus’. 31,000 of these were registered in the last two weeks alone. What is concerning is that security researchers have identified 13,000 of these as being malicious. The simple act of visiting one of these sites could leave a laptop or smartphone vulnerable to attack.
Increasing number in ransomware
Ransomware is also on the increase. If such attacks are successful, the victim finds that their files have been encrypted, and is asked to pay a ransom in order to get that access back. One cybersecurity business has observed a 4,000% increase in ransomware emails within their clients, and a 53% increase in phishing emails.
More than anything else, we are seeing that criminals are using COVID-19 as a lure. They are preying on individuals by pretending to be from legitimate entities who might approach them at this time, or otherwise convincing users to click on things that they shouldn’t be.
Mobile devices are part of the problem. Researchers at Check Point Software Technologies have found 16 different malicious Android apps, all masquerading as legitimate Coronavirus apps. Should users download these apps, they could have their banking logins and passwords stolen, receive intrusive ads, or have automated calls made to premium numbers that get charged to the victim’s phone bill.
Security challenge for remote work
It’s easy to understand why such an increase in attacks is being observed. For many organisations and individuals, this is new territory. Most organisations do a pretty good job of protecting the devices inside their premises, but today we have majority of the workforce working remotely. This presents different challenges that need to be addressed.
For example, most of those users working from home today are connecting directly to the Internet when they are surfing the web. Those searches are not being routed through the corporate gateways where security screening would usually take place. The result is that without proper protections on those endpoints, they are left vulnerable to attacks.
The larger lesson we need to learn from this pandemic, is that our BCP needs to be agile enough to handle the new norm.
Luckily, protections are available. Traditional antivirus solutions are not effective against today’s sophisticated threats. What is needed is a comprehensive set of protections against malicious websites, phishing attacks, ransomware, and advanced malware.
SandBlast Agent is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s threat landscape. The 2020 NSS Labs Advanced Endpoint Protection Test awarded it an ‘AA’ rating for blocking 100% of threats across multiple categories
For mobile devices, SandBlast Mobile offers enterprise mobile security that protects against threats to the OS, apps, and network. Leveraging Check Point’s best-of-breed threat prevention technology, SandBlast Mobile offers the highest threat catch rate in the industry without impacting device performance or user experience.
How do you protect organizations against unknown malware, zero-day threats and targeted attacks, and prevents infections from undiscovered exploits? Or rather, how do you protect against your own user’s behavior?
Download 2020 NSS Labs Check Point End Point Protection Report
What you will get in the report:
- Exploit protection rating
- Ability to detect false positives
- Resistance to threats using evasion techniques
- Effectiveness against malware
- Drive-by exploits from web browsing
- Protection against social exploits