Why We Agree That the Largest Cyberattack in History Will Happen Within Six Months and How You Can Be the Action Hero That Stops It In the Last Critical Seconds…


This Forbes article sparked my interest as it crossed my desk today.  For one, not many people are willing to stick their necks out and make a prediction as bold as the one Mr. McBride makes in his article.  At the same time, the logic and reasoning behind his prediction appear quite sound.  His analogy of trying to break into two different types of buildings is also an apt way of describing why the best defence against hackers is to reduce the “attack surface”: the fewer doors, windows and unguarded paths into a system, the fewer opportunities an attacker has.

As we’ve written previously, COVID-19 has greatly increased many organizations’ “attack surfaces” as they grapple with enabling their employees to work from home (WFH).  These organizations have probably spent a boatload of money fortifying their corporate networks in the workplace with EDR / MDR / sandboxing / NGFW and so on, but those controls sit in the office.  With COVID-19 forcing workers to stay home, the traffic that matters no longer passes through those fortifications, so they are no longer protecting the workforce.
 
From what we’ve seen, we wholeheartedly agree that WFH is going to continue even after the pandemic eases.  This is clearly evidenced by recent news that tech giants Facebook and Google have asked their employees to continue WFH for the rest of the year.  Canadian universities are also preparing for, and advising their students of, a 2020/2021 academic year in which classes will be online and only labs will be carried out in person.  This is echoed in the corporate world: in a Gartner survey of CFOs, 74% of those polled said they plan to shift at least 5% of previously on-site employees to permanently remote positions post-COVID-19.
 
Unfortunately, organizations have been struggling to cobble together systems to support WFH, usually starting by activating the VPN features on their existing firewalls.  Workers who were previously on managed corporate computers and laptops in their offices now find themselves making do with home computing devices, reaching their corporate networks over unsecured home internet connections.  Based on today’s cybersecurity practices, the key to security has always been to keep the attack surface as small as possible.  An explosion of IoT and IIoT endpoints was already under way (industry forecasts commonly cited at the time put the number of connected devices above 75 billion, with more added daily).  Adding the effects of the current WFH trend is overwhelming security teams and quickly exposing the fact that a purely reactive Detect, Quarantine and Remediate mode of operations does not keep up when the endpoints are unmanaged and outside the corporate perimeter.

As we’ve mentioned before, a company that relies solely on an overwhelmed VPN infrastructure is courting disaster.  Traffic from home devices that the company does not control leaves it wide open to a breach.  Even where employees do use a legacy VPN to reach the work network, without security that can detect and block malware and hackers, everything that does not traverse the tunnel is left unprotected.  Companies that try to avoid overloading their VPNs by enabling split-tunnelling, so that users’ general internet browsing bypasses the tunnel, are also leaving themselves open: that browsing traffic is never inspected by the corporate security stack, yet the same device still holds an authenticated tunnel into the corporate network.  Instead of attacking the corporate network directly, hackers take the roundabout route, compromising the WFH device first through its uninspected traffic and then using that device’s trusted VPN session to reach the corporate network.

So, why do we feel that this prediction has a good chance of coming true?  Because currently available security is not sufficient.  Although some VPN solutions enforce “security checks” on connecting devices, this enforcement is static: a posture check at connection time can discover missing patches or vulnerabilities on the system, but it does nothing to stop traffic-borne malware from reaching the endpoint afterwards.  At the more stringent end of the spectrum, some organizations are mandating that WFH employees install sophisticated endpoint detection and response (EDR) agents, which would let IT staff treat home assets much like business assets.  This too is undermined by the fact that the home network around that endpoint is typically far from the fortified corporate fortress, and often has no security controls at all.  Mobile Device Management (MDM) approaches may trickle down to WFH devices, partitioning them to support business usage, but when it all boils down, the issue remains detecting malware in the traffic itself.
 
As the Forbes article mentions, the alignment of all of the issues that COVID-19 has opened up is a “dream come true for cyber criminals”.  Hackers have stepped up their game and quickly crafted COVID-related malware that preys on individuals’ fears, tricking them into clicking links that purport to explain how to protect themselves during the pandemic.  With targeted phishing attacks on employees who are WFH, and who are prone to the distractions of working from home, hackers are finding it easier to find cracks in corporate security armour.  They only need to “gain access through one entry point to seize control of a whole network.  Once they’re in they can steal data, secrets, and even lock you out of the network.”

To make matters worse, hackers have been targeting organizations whose resources are already stretched thin battling the pandemic on the front lines.  This past week it was reported that healthcare giant Magellan Health was the victim of a ransomware attack and data breach.  The attack resulted in temporary system outages and the exfiltration of confidential company and personal information.  With the company under “immense strain as it attempted to meet the demands onset by the COVID-19 pandemic”, the attackers struck at the moment they could cause the most harm.

Back to the Forbes article: it notes that over the past couple of months hackers have targeted the US Department of Health and Human Services, and that cyberattacks against the World Health Organization (WHO) have more than doubled.  Intelligence reports also indicate that coronavirus-related cyberthreats increased by 600% between February and March, with no abatement in sight.

Hence, based on current trends and current approaches to security, the prediction looks very likely to come to fruition.  So, if it is no longer a case of “if” but “when”, how do organizations protect themselves from becoming part of that largest cyberattack in history?  How can they minimize their “attack surfaces” when WFH requirements have left them wide open and vulnerable?  If you don’t want your organization to become part of the statistics, you should look into the Wedge Absolute Real-time Protection (WedgeARP) Secure Home Office and Secure Remote Office solutions, which are helping organizations greatly reduce their attack surfaces during this time of growing WFH requirements.

With the “Detect and Block” approach that underpins the WedgeARP platform, we espouse a proactive rather than reactive way of dealing with malware.  Wedge’s solutions are cloud-managed security services, enforced either on-premises or in the cloud, that provide a broad array of optimized Security-as-a-Service (SECaaS) features to enterprises and to those working from home, enabling effective security for any cloud-connected computing device.  WedgeARP provides real-time threat protection for all types of endpoints across different types of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT).  It enables situational awareness across the entirety of the managed networks, with security event tracing, rapid response, centralized policy management, reporting, and analytics: all of the things that legacy VPNs are missing.  To find out more about how this solution can help reduce your organization’s attack surface, contact us at: info@wedgenetworks.com

For organizations that already have a VPN infrastructure in place, WedgeARP can be easily deployed into their VPN cloud to protect all connected systems and devices.  For organizations that have not yet implemented a VPN infrastructure, Wedge provides professional services to quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.

Although Mr. McBride’s dire prediction looks very likely to come true, we believe that incorporating solutions such as WedgeARP Secure Remote Office and Secure Home Office into your organization’s WFH infrastructure may give you the chance of stopping “The Largest Cyberattack in History”.  Don’t be a victim.  As Benjamin Franklin once wrote, “An ounce of prevention is worth a pound of cure”.

About Wedge Chief Scientist

Husam Kinawi, Chief Scientist Dr. Kinawi has a PhD and MSc in Computer Science from the Universities of Calgary, Canada and London, UK. In 1997, he co-founded Mpower Technologies Inc., a wireless telecommunications software company. In 1999, Dr. Kinawi co-founded ActiveIq.com (NASDAQ: AIQT), a Boston-based e-Business applications firm. Dr. Kinawi has over seventeen years of research and development experience working with industry leaders such as Newbridge (Alcatel), Siemens, United Technologies, and Apple in the areas of distributed information systems, embedded applications and wireless Internet solutions. Dr. Kinawi has also spoken at several major conferences, published several research papers, and is the holder of several patents in the area of mobile and wireless devices.