In Cybersecurity Awareness Month, Check Point Software highlights five fundamental cyber trends in the form of tips for protecting data, users, applications, devices and infrastructure.
1st Trend: 90% of phishing sites are active for just one day
This statistic highlights a troubling aspect of cybercrime: the rapid turnover of these malicious sites complicates detection and mitigation efforts. Attackers quickly create and dismantle phishing sites, often taking advantage of high-traffic events such as holidays or important product launches, maximizing the chances of success in a short space of time.
The momentary strategy makes traditional security measures less effective, as many detection systems rely on historical data and established patterns to identify threats. The short life cycle of these sites means that they can often evade blocklists and other defenses before organizations are aware of their existence. As a result, cybersecurity professionals face a major challenge, needing to adopt more agile and proactive strategies to identify and combat these transient threats, which can attack at any time and disappear quickly.
According to Rob Falzon, director of Engineering in the CTO’s office at Check Point Software, here are best practices for dealing with this first trend:
. In the current digital landscape, it is not enough to prevent a cyber attack; You need to be prepared for when it happens. Conduct regular phishing exercises to help employees recognize threats and create a rapid response plan to act immediately during an attack.
. Assume a breach will occur and ensure your team knows their role in mitigating damage. A well-prepared organization will have a clear plan of action: alert the security team, disable compromised accounts, and notify users immediately.
. Being proactive and prepared can significantly reduce the impact of a cyberattack.
2nd Trend: 70% of global malicious files are delivered via email
Despite technological advances and new communication methods, email remains a persistent vector for cyberattacks. Its widespread use and users’ reliance on their inboxes make it a favorite target for cybercriminals.
Email’s adaptability allows attackers to tailor their messages to individual targets, significantly increasing the chances that recipients will interact with malicious attachments.
For example, they often employ social engineering tactics, creating a sense of urgency or familiarity that leads users to act impulsively. This approach not only manipulates human behavior, but also takes advantage of the fact that many organizations continue to use email to exchange essential files and information.
In the view of Jeremy Fuchs, from the CTO of Check Point Software, the tips for dealing with this trend are:
. Focus on security that analyzes files and blocks malicious content, such as Content Disarm & Reconstruction (CDR). This goes beyond traditional malware analysis by instantly removing any executable content before delivery, whether identified as malicious or not.
. Practice good cyber hygiene when dealing with files or emails. This includes checking the sender’s address, hovering over links in the email, and watching for spelling or grammatical errors.
. Always stop and reflect: “Am I waiting for a file from this person?” or “Do I receive documents for signature frequently?” These seconds of thought can help you distinguish a legitimate email from a malicious one.
3rd Trend: An organization in Brazil was attacked, on average, 2,679 times per week in the last six months, compared to 1,710 global attacks per organization
The increase in cyberattacks illustrates the increasing sophistication of cyberthreats, as attackers use advanced methods and automation to exploit vulnerabilities. Several factors contribute to this significant increase, such as the adoption of remote work and the increasing use of partners, which have expanded organizations’ attack surface. Additionally, the prevalence of ransomware and other lucrative attacks continues to grow, with attackers eager to exploit any opportunity for financial gain.
For Pete Nicoletti, Global CISO at Check Point Software, the main measures to be taken are:
. Not only are we seeing an increase in the volume of attacks, but the time between initial exploitation and data exfiltration has drastically decreased, from weeks to seconds. Automated, AI-driven prevention is the only way to address this trend.
. The tools used must work together to reduce MTTR (Mean Time to Resolution). Check Point Software offers solutions that automate and orchestrate actions, regardless of the technology provider.
. Automate preventative responses to identified threats with External Attack Surface Management (EASM). It is no longer enough to wait for threats to arrive; you need to be proactively aware of them and have defenses ready.
Trend 4: Cybercriminals have released details of over 3,500 successful global ransomware attacks on businesses in 2024
Ransomware continues to be a favorite tactic of cybercriminals, who now use double extortion – in addition to encrypting data, they threaten to disclose sensitive information if the ransom is not paid. The emergence of Ransomware-as-a-Service (RaaS) has made it easier to carry out these attacks, expanding the number of potential offenders.
According to Micki Boland, from the CTO office at Check Point Software, a lot of attention is needed against ransomware and the tips are:
. Implement strong security for all endpoints, mobile devices, laptops and servers, ensuring protection against phishing, malware, ransomware and disk encryption.
. Ensure all mission-critical and highly restricted and protected data is segmented with access control and data protection. They must be encrypted and regularly backed up, and backups tested; and no matter where they are located: on-premises, in the cloud or at a partner.
. Implement strong email security to protect against business email compromise (BEC), which is still the number one attack vector according to IC3, and is used by cybercriminals to promote ransomware and malware attacks, as well how to conduct financial fraud.
5th Trend: On average, the education sector suffers the highest rate of cyber attacks, followed by the government and healthcare sectors in the world
Educational institutions, especially universities, often focus on accessibility, resulting in broad networks that cybercriminals can easily exploit. The sheer number of users and devices can lead to weaker security practices, making them attractive targets for phishing attacks and data breaches.
Likewise, government entities are prime targets due to the sensitive information they manage, which can be exploited for financial or political gain.
Healthcare organizations face unique challenges, as they deal with large amounts of personal data and often need more cybersecurity measures. The urgency surrounding medical services can sometimes compromise security measures, increasing the susceptibility of these institutions to ransomware attacks and other threats.
In the opinion of Aaron Rose, from Check Point Software’s CTO office, all sectors must adopt best cybersecurity practices such as:
. Assess your current cybersecurity posture through a Security Workshop, which examines existing security measures to identify weaknesses and vulnerabilities in systems and processes. By closely analyzing network infrastructure, software applications, hardware devices, security operations, and organizational policies, you can identify areas that need improvement.
. Protect your infrastructure by segmenting networks to limit the spread of potential breaches and adopt a prevention-first mindset. Strict access controls must be in place, and adopting a zero trust architecture will help ensure that only authorized personnel can access sensitive information.
. Employee education and awareness plays a key role in cybersecurity. Establish training programs to raise awareness about phishing, malware, and ransomware. Regular workshops, continuous learning initiatives, and mock phishing exercises can prepare employees and students to recognize and appropriately respond to potential attacks.
. Regular vulnerability scanning, External Attack Surface Management (EASM) solutions, and rapid patch management can resolve security holes before cybercriminals exploit them. Furthermore, implementing multi-factor authentication is no longer a “differentiator” but an absolute necessity.
. Developing and regularly updating incident response plans is crucial to minimizing the impact of any cyberattacks that occur. These plans should outline specific steps for detection, containment, and recovery, and ensure clear communication channels between all stakeholders. Performing regular backups of critical data and ensuring quick restoration and access to those backups can significantly reduce downtime in the event of an attack.
Maintain protection in the new digital era
These five trends highlight the crucial need for organizations to improve their cybersecurity protocols and foster a culture of awareness. Cybercriminals are using increasingly sophisticated methods, from quick phishing schemes to complex ransomware attacks, which significantly increase risks.
Organizations must take proactive measures to drastically reduce the risk of breaches, protect sensitive data, and ensure the continuity of essential services. Proactive cybersecurity efforts not only protect personal data, but also maintain the trust of those they serve. By staying informed about these trends and taking preventive actions, organizations can strengthen their defenses against potential threats by creating a cyber resilience policy.
See the original post at: https://www.cisoadvisor.com.br/5-modos-de-elevar-ciberseguranca-das-empresas/?rand=59039
