As most of the organizations are increasing their digital presence in order to ensure business continuity during this COVID-19 pandemic. And this has led to the rise in cyberthreats finds NTT.
NTT, in its 2020 Global Threat Intelligence Report, has found that web application attacks are on the rise, and now account for 66% of all cyber threats seen in the MEA region.
The report further states that phishing attacks leveraging the virus have been seen as early as January 2020, even before the global pandemic was declared. Fake websites masquerading as official sources of information were created at rates exceeding 2,000 sites per day, with many of them specifically targeting the healthcare organizations.
“As countries across the Middle East reopen their economies, governments and businesses are rapidly reinventing the way they operate. Whether to engage with customers or to empower their own employees, organizations are becoming increasingly reliant on web applications such as customer portals and mobile apps as they shift their channel strategies from face-to-face to online,” said Paul Potgieter, Managing Director at Dimension Data Middle East. “An unfortunate consequence is that this widens the attack exposure of these businesses – a problem that is exacerbated by the incredible pace at which these changes have had to be made.”
In the EMEA region, the report found that the intruders secretly gathered information about systems for future attacks, often accounting for more than 40% of all attacks. The report also found that the industries most targeted in the EMEA region were insurance (50%), finance (44%) and retail (3%).
Additional highlights of the NTT 2020 Global Threat Intelligence Report:
• Attackers are becoming more innovative, using artificial intelligence, machine learning and investing in automation of attacks.
• Attackers are weaponizing the Internet of Things (IoT). Botnets such as Mirai, IoTroop and Echobot have advanced in automation, improving their propagation capabilities. Mirai and IoTroop are known for spreading through IoT attacks.
• Old vulnerabilities remain a target, with many attackers targeting organisations that have not patched their systems.