Neil Langridge, Marketing Director at e92plus speaks with Wim Cops, Consumer Sales Manager at Bitdefender about its 20 years in the making as a cyber-security solutions provider, current black spots within the cyber security market and measures to address these critical issues.
In 2021, Bitdefender celebrated its 20th anniversary – happy birthday!
What made that milestone so special for the company?
Our 20th anniversary marks an important milestone in our journey as a cyber-security solutions provider not because it’s just a round number, but because it marks two decades of significant innovation that made us one of the most trusted cybersecurity leaders in the world.
We’ve seen the risks and threats from cybercriminals significantly increase in the last 12 months, what are the key trends that small businesses and consumers need to look out for?
Security risks have become more visible and diversified in the past few years. Some of the most important ones are as follow:
– Ransomware: Ransomware attacks have become mainstream with the proliferation of ransomware-as-a-service, where cyber-criminal groups create and market ransomware to affiliates. This democratisation of access to ransomware has had a significant impact on data safety and privacy, as attackers also exfiltrate stolen information as an additional mechanism of blackmailing.
– Data breaches: This has become the new normal, as attackers are capitalising on illegally gained access to steal customer information, intellectual property or trade secrets to be sold or exchanged in specialised underground forums. Data breaches go hand in hand with ransomware attacks as a secondary vector of extortion.
– Phishing and vishing (voice phishing): This technique is decades old and leverages the human element for illegal access into systems or infrastructure. Domain accounts can be used as they are or traded (eventually sold) on underground forums. A specific type of attack called Business Email Compromise abuses illegal access or impersonation to generate financial fraud and have decision makers wire large amounts of company money to cyber-criminals.
– Blurry perimeters between personal and public life or between private and public infrastructure: The work-from-home pandemic has forced companies to open up access to previously private areas of their infrastructure. Either through cloud adoption or through more relaxed access policies, companies allow workers outside the premises to interact with data and processes, which may negatively impact on business security and confidentiality. Users working from home are often more likely to take security less seriously and lack the security insight at the network level. Combined with a plethora of IoT devices and misconfigured networking equipment at the personal network, vulnerabilities at the employee’s end can have nefarious consequences on business security and safety.
– Inherent misconfiguration in equipment: Access control, outdated software or improperly exposed services across the network can open new avenues of attack. Endpoint risk analytics and security auditing play a key role in identifying misconfiguration and plugging the gap before attackers gain access to the network.
Cybercrime has increasingly focused on crypto-ransomware, where they see opportunities to make a lot of money. Has the threat changed for consumers and smaller businesses that might not be such lucrative targets?
Unfortunately, consumers and smaller businesses are still targeted by cyber-criminals as many are using a spray and pray approach. Even if cyber-criminals can charge only a fraction of the money they would normally demand after breaching a large company, they are able to infect smaller victims much easier and generate significant revenue.
There are many options for small businesses in choosing the right cybersecurity products to use, covering different areas and applications. This can cause complexity and is costly, so how can organisations prioritise where to spend their budget on the right technologies?
Small businesses rarely have the necessary cyber-security capabilities to stay on top of ransomware (or any other modern threats, actually). This is why we recommend Managed Detection and Response services instead of implementing and operating their own cyber-security infrastructure. If this is not an option, then we’d recommend that small companies deploy at least endpoint, server and virtualised server protection with behavioural detection capabilities.
The pandemic has seen many organisations shift to flexible working, meaning many employees now work from home regularly. As they are connecting to company networks and applications using their own Wi-Fi and devices, what advice would you give them to keep their own network secure?
Remote work is a complex aspect that requires extra attention and tools to properly and safely function. The transition from the corporate office to the home puts serious pressure on IT teams that are now supposed to keep company data secure, even if the user works from their personal laptop or from a company-issued device connected to a potentially hostile environment.
Some of the most important threats while working from home are:
– An increase in fraudulent e-mails that either lure victims into disclosing company credentials (phishing) or opening attachments rigged with ransomware. When working on a personal computer these risks are particularly important as the IT team does not have any control of the security solution, the way it is configured, or the security patching level of the used operating system.
– Compliance risks. At work, customer and company data is stored securely in accordance with local or international law. Data encryption, device management, and other security controls might not be necessarily available on the home computer, which could facilitate theft or unauthorised disclosure of customer or company information.
– Hostile network environments. Unlike enterprise networking setups, home networks are an amalgam of devices that often connect to an outdated, vulnerable router. Hackers have taken advantage of this and have started probing home connections for vulnerable networking equipment that they could compromise. IoT devices are another major concern that could play a crucial role in data theft.
These risks can be mitigated with proper security defences running on both endpoints and at the network level. At the technology layer, more and more automation and decision-making is offloaded to machines. Artificial intelligence and human risk analytics are just some of the technologies that have been extremely effective against threats targeting remote users. However, while extremely important, technology should go hand in hand with cyber-security awareness training and well-laid out procedures. Employees should formally go through these procedures at least once a year and take a quiz to validate their cyber-security knowledge.
Many people will have received IoT and Internet connected devices at Christmas – from doorbells to kettles to toys. What possible cyber threats do they present, and how can consumers enjoy the benefits they bring while still staying safe?
Any new device connected to the home network increases its attack surface. As IoT devices are designed to be accessible outside of the home and constantly communicate with their cloud, they increase this attack surface by an order of magnitude. Any vulnerability in their firmware could allow an outside attacker to take control of the device and data or to use the vulnerable device to pivot to more important destinations in the network.
Smart home enthusiasts should consider a router with built-in security, as it will help keep tabs of networked devices and probe them for vulnerabilities. If this is not an option, users and employees should take a quick inventory of active IoT devices in their networks and keep them up to date. If some devices are past their end of life, they should be replaced, especially when they are affected by a known, unresolved vulnerability. A good practice for users would be to move all smart “things” to their guest network, as it is isolated from the main one used by the family.
What opportunities do you see for resellers in cybersecurity in 2022?
Cyber-security will remain a hot topic in 2022 and beyond, as more and more companies are accelerating digitalisation efforts started during the pandemic. Increased digitalisation and adoption of cybersecurity products will allow resellers to offer some form of managed security service to help companies improve their security posture.
Read the latest edition of PCR’s monthly magazine here:
Like this content? Sign up for the free PCR Daily Digest email service to get the latest tech news straight to your inbox. You can also follow PCR on Twitter and Facebook.