Tariq Abbas, Director of Systems Engineering in the Middle East and Africa at Palo Alto Networks, a global company that works in the field of developing electronic security solutions, said that the need to provide more electronic security solutions in various countries and institutions is increasing dramatically, especially with the development and growth of the technology `sector at an unparalleled pace, and the digital technology landscape is constantly growing.
In an exclusive statement to “Al Jundi Journal”, he added that hackers and cybercriminals were able to adapt to the new lifestyles imposed by the “Covid-19” pandemic, and to take advantage of the spread of the epidemic to increase the intensity of their attacks.
He pointed out that the epidemic crisis posed a number of different opportunities and challenges to the information technology sector, and that Palo Alto Networks had no way to combat attacks and respond to them except by development, adaptation and innovation, as we had to adapt to the new standards and practices imposed by the pandemic, and work to ensure the security and integrity of information, and the smooth running of operations at the highest levels.
Challenges of digital transformation and exploitation of the epidemic crisis
Tariq Abbas stressed that cybercrime and its risks are not the result of the current situation, but the wave of changing ways and patterns of living and work that affected everyone in an unprecedented way during the pandemic, led to a change in the future course drawn for the reality of electronic security, as the countries that conduct digital transformation are witnessing a significant increase in the rate of attacks; one company is hacked around the world every three seconds, according to the latest figures released by the World Economic Forum.
He explained that all sectors are currently witnessing in various countries of the world the risks of major cyber-attacks, as a result of the application of work from home policies imposed by the pandemic and are still applied in many countries and sectors, and that the huge increase in the number of children who use home computers for the purpose of learning is imposed on electronic security solutions companies are huge challenges that necessitated them to sound the alarm and keep vigil to prevent the spread of attacks and breaches.
Abbas indicated that the attackers are still taking advantage of the epidemic crisis and expanding and developing their capabilities, as the profit-motivated attacks that disguised themselves under the slogan of combating the “Covid-19” virus are spreading widely around the world. “Unit 42”, the threat data investigation team at Palo Alto Networks, was able to closely monitor the cyber-attacks bearing the slogan “Covid-19” in various parts of the world, and was able to identify more than 40,000 websites that were recently registered as “high-risk” websites, and they hide behind a logo or name associated with the “Covid-19” virus. For example, many of these websites claim to sell face masks, hand sanitizers, and e-books related to the “Covid-19” virus, but they may only be a front for launching large-scale attacks with a profit motive. In many of these cases, no product is delivered after the purchase orders are completed, and instead the funds and personal financial data are stolen.
Security Gridlines and Recommendations
Mr. Abbas called for the need to find methodologies with high levels of proactive, and work to provide ideal products and solutions for the current stage and the post-epidemic stage, praising in this context the approach that the UAE is adopting with regard to protecting electronic security, as the UAE works hard to advance and lead in this field. It has launched many constructive initiatives and spends billions of dollars annually to enhance the cybersecurity scene, in conjunction with massive digitization processes in all sectors, from government services to education and the healthcare sector.
To maintain the highest level of security protection in the electronic field for institutions and individuals, Tariq Abbas stresses the need to implement the following recommendations and guidelines:
First: Finding and applying new methods and methodologies with high levels of security and safety to protect digital environments in all sectors, whether governmental or private.
Second: Developing a modern strategy in line with the cybersecurity context, including the upgrading of work practices from home to work from anywhere that contains highly reliable and secure digital assets. We urgently need more organized means and methods to monitor events and incidents, as well as monitor users and all networked devices.
Third: The necessity for institutions and companies to shift from the “cloud-is- first” strategy to the “cloud only” strategy, as institutions do not enjoy the sufficient luxury to allow them to postpone the implementation of cloud-based cybersecurity strategies. Automation should become the primary basis for cybersecurity defences, which greatly contributes to investing the time and budget of cybersecurity experts in carrying out more difficult tasks.
Fourth: Educating and enhancing employees’ awareness in all sectors about potential cyber threats, using multi-stage authentication mechanisms, and evaluating and limiting access privileges.
Fifth: Creating a database for previous attacks, whereby hackers can use the structure of these attacks as a starting point for launching and implementing a new wave of attacks. Not only does it strengthen the company’s electronic defenses, but it should also make it difficult for the attackers to penetrate the systems.
Sixth: Studying, examining and analyzing any suspicious calls, emails, and websites, or any links coming from unknown sources, not sharing any personal or financial details, and avoiding downloading untrusted applications, or excessive sharing of personal information via social media platforms.
Seventh: Use different and complex passwords for accounts, apply strong authentication and verification methodologies, work to change them frequently, and invest in high-quality firewalls, anti-malware and anti-ransomware systems, to early detect potential threats and prevent their spread.
Eighth: The use of artificial intelligence to manage electronic security, as artificial intelligence and machine learning technologies contribute significantly to automation processes, detection and response to threats, including checks of e-mail messages, developing anti-virus systems, and formulating a model of user behavior. » In this field, Alto Palo Networks introduces many protection platforms supported by artificial intelligence technologies such as Cortex, which simplifies operations and improves results, and the Cortex XDR platform to detect, inspect and integrate network data, terminals, and cloud.
Ninth: Dealing with extreme caution with IoT technologies that are witnessing a remarkable growth and are making a quantum and revolutionary shift in all sectors, as 98 percent of the total IoT data traffic is not encrypted, which may lead to the disclosure of confidential data on the network, according to the Threat Data Investigation Team. Palo Alto Networks “Unit 42”.
Tenth: Enhancing the level of readiness, flexibility, and response when switching to fifth generation networks, which carry a wide and varied range of benefits and advantages, as these networks have demonstrated their great importance for governments, as they play a fundamental role in implementing smart city launches with the aim of enhancing customer experience, including the launch of major events, so the issue of cybersecurity must be given the highest priority in this regard, otherwise all these benefits, advantages and capabilities of digital environments in light of the new generation will disappear. Companies operating the fifth generation of cellular networks should, besides companies supplying electronic security solutions, focus on three main points in order to accelerate the pace of responding to threats in real time, which are: protecting the cloud environment for communications ready to receive the fifth generation of cellular networks, providing the next generation of managed security services, and protecting the fifth generation of private cellular networks.
Interviewed By: Razi El Hadmi