Aspire Secure – Aspire

Cybersecurity Challenges in the Digital Age and How to Improve – Part 2

subhi — Wed, 03 Jun 2020 13:38:23 +0000

Welcome to ‘Part 2’ of our cybersecurity awareness blog series. If you haven’t read ‘Part 1’ yet, please click here. At a later stage, we would also like to understand how you perceive some of these aspects, through a small survey that we will add to our social media pages. Kindly read on.

Organizations that want to minimize the risks of cyber threats need to be equipped with robust systems and always stay abreast in keeping the security measures up to date.

Digital transformation among the countries in the Middle East brings an added and growing exposure to the risk of security threats. Security researchers from Cisco Talos recently discovered a new remote access Trojan (RAT), which attacks a victim’s device to collect information on the victims’ computers. The RAT malware, dubbed “JhoneRAT”, mainly targets victims of Middle Eastern countries by checking keyboard layouts of the infected device.

It is also noted that the attackers have made use of various cloud services, such as file storage and synchronization services and survey administration apps, as part of the payload’s infection process. Researchers stated that JhoneRAT has targeted Middle Eastern countries such as the UAE, Saudi Arabia, Iraq, Libya, Algeria, Egypt, Morocco, Tunisia, Oman, Yemen, Syria, Kuwait, Bahrain, and Lebanon.

Countries in the Middle East are increasingly investing in cybersecurity activities to bolster their national cybersecurity capabilities and elevate the protection level of their critical national information infrastructures. The majority of countries such as Dubai and Saudi Arabia, have framed new laws aimed at fortifying electronic transactions and executing cybercrimes. Others have developed cyber warfare capabilities and doctrines, along with establishing policies for the protection of critical information infrastructure, cybersecurity protection plans and have vested responsibility for cybersecurity in existing agencies or directorates.

Many other countries such as Dubai, Egypt and Israel have established national incident response protocols and have begun building cybersecurity awareness and capabilities. These are all good steps toward improving cybersecurity. However, these steps alone will not hit the spot to manage the risks associated with the ‘smart’ world that we live in, that has become even more digital due to the current pandemic.

So, what can we do to prevent cyber-attacks?

Digital transformation is crucial for businesses in any industry in order to survive and grow in this highly competitive world. To thrive in such an environment it is necessary to make cybersecurity an essential part of the journey. Some of the active measures that can be taken to prevent security threats are as follows:

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1920px) 100vw, 1920px" data-src="https://aspire.jo/wp-content/uploads/2020/06/what-can-we-do-to-prevent-cyber-attacks.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/06/what-can-we-do-to-prevent-cyber-attacks.png 1920w, https://aspire.jo/wp-content/uploads/2020/06/what-can-we-do-to-prevent-cyber-attacks-254x300.png 254w, https://aspire.jo/wp-content/uploads/2020/06/what-can-we-do-to-prevent-cyber-attacks-866x1024.png 866w" data-aspect="0.84544253632761" />

The journey to fortify your organization and personal data from cyber-attacks is to acknowledge that cyber and information security is a real threat. You should focus on building a detailed strategy for the protection of your business, and in order to do so, you need to stay updated with the latest developments in this space. One of the primary steps could be to build a separate department for cybersecurity, or hire a cybersecurity consultant or service provider in the Middle East, like Aspire, to empower your business. The techniques shared below can prove to be crucial in safeguarding your organization from cyber-attacks.

What can we do in order to minimize the risk of security threats?

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1920px) 100vw, 1920px" data-src="https://aspire.jo/wp-content/uploads/2020/06/minimize-the-risk-of-security-threats-in-your-organization.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/06/minimize-the-risk-of-security-threats-in-your-organization.png 1920w, https://aspire.jo/wp-content/uploads/2020/06/minimize-the-risk-of-security-threats-in-your-organization-218x300.png 218w, https://aspire.jo/wp-content/uploads/2020/06/minimize-the-risk-of-security-threats-in-your-organization-742x1024.png 742w" data-aspect="0.72507552870091" />

(1)Willis Towers Watson reports that more than 90% of cybersecurity issues originate from human error.

Given the ever-evolving landscape of cybercrimes that constantly outsmart modern cybersecurity technologies, it becomes imperative for organizations to increase cognizance and implement advanced cybersecurity technologies. While we search for new ways to effectively combat advanced cyber threats, the informed end-user will always be a necessary component of cyber defense. Get secure today!

Cybersecurity Challenges in the Digital Age and How to Improve

subhi — Thu, 28 May 2020 11:49:33 +0000

Considering the relentless cyber-attacks happening around us amidst the pandemic, apart from tackling these attacks, it is also difficult to limit such vast security conversations to just a single blog! Therefore, this time we are going to share insights on this subject, in a two-part series of our cybersecurity awareness blog. At a later stage, we would also like to understand how you perceive some of these aspects, through a small survey. Also, if you haven’t read our latest cybersecurity blog on ‘16 ways to vaccinate your digital life in order to stay secure during COVID-19’, check it out here. Kindly read on.

Part 1:

Let’s not argue on the fact that the old IT world is evolving at a pace faster than light speed, and cybersecurity experts now have to deal with new threats every day. Today over 60% of total commercial transactions are done online, so this field requires a high quality of security for transparent and best transactions. Around 98% of companies are maintaining or augmenting their resources for cybersecurity and of those, half are increasing resources devoted to online attacks.

However, despite the best efforts from cybersecurity specialists, cyber-attacks have been affecting the government and numerous large, well-resourced companies. The cybercriminals or attackers are also getting smarter with each passing day. For instance, they are using spying software to track fingerprint movements on touch screens, thus causing loss of sensitive data that they can utilize for blackmailing an individual.

Cyber-attacks including phishing, malware, man-in-the-middle attacks (MiM), SQL injections, brute force attacks, among others, have made data and assets of corporations, governments and individuals, highly vulnerable to security threats. The attacks are not just restricted to the personal, financial and sensitive data of a business but they can even pose a threat to national security. Government agencies are the main target for cyber attackers or hostile foreign entities who seek to cause disruption, sow distrust and obtain classified or sensitive information.

Personally identifiable information (PII) is currently a gold mine for cybercriminals. Attackers obtain key pieces of PII, such as birth dates, addresses, phone numbers, social security or driver’s license numbers, in order to impersonate someone else.

Cybercriminals can use PII for more nefarious purposes that impact the victim directly, by applying for credit cards, filing fraudulent income tax returns, and applying for loans under the victim’s name. They can also use this data to blackmail, demand ransom, or steal your money.

I guess by now, we all must have heard about the recent attack on the US health department. The US Department of Health and Human Services (HHS) suffered a distributed denial-of-service (DDoS) attack on March 15, 2020. It is believed that the attack was designed to slow the department’s systems. The attack on the health department was first reported by Bloomberg which also suggested that the attack was linked to a text message-based disinformation campaign that wrongly suggested that there would be a nationwide quarantine on Monday. However, appropriate actions were taken by the government and the situation is now under control.

The latest attack happened a few days ago with Easyjet, where a highly sophisticated cyber-attack affected approximately nine million customers. Easyjet states that email addresses and travel details were stolen and that over 2.2K customers had their credit card details “accessed”. The company became aware of the attack in January, however it took time to understand the scope and identify who was impacted.

This kind of cyber-attack undermines the reputation and credibility of a nation or of an enterprise. Despite investing a remarkable amount of money into hiring security professionals, maintaining customer privacy and avoiding ransomware attacks, many organizations are unable to get control over the situation. The reason being the changing nature of hackers and the access to tools that outwit the latest security countermeasures.

So how does evolving technology actually affect cybersecurity?

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1022px) 100vw, 1022px" data-src="https://aspire.jo/wp-content/uploads/2020/05/image.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/05/image.png 1022w, https://aspire.jo/wp-content/uploads/2020/05/image-300x200.png 300w" data-aspect="1.5029411764706" />

(1)AI expert, Ahmed Banafa’s recent article on AI Automation

(2)An audit from PureSec with information on Serverless apps

And what are the challenges surrounding cybersecurity today?

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1028px) 100vw, 1028px" data-src="https://aspire.jo/wp-content/uploads/2020/05/image-1-1.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/05/image-1-1.png 1028w, https://aspire.jo/wp-content/uploads/2020/05/image-1-1-216x300.png 216w, https://aspire.jo/wp-content/uploads/2020/05/image-1-1-737x1024.png 737w" data-aspect="0.71988795518207" />

One of the most complicated elements of cybersecurity is the constantly evolving nature of security risks and advanced persistent threats. Even with emerging technologies and increased cyber regulations, cybersecurity is difficult, and threats are becoming more and more complex.

In our next blog, we will take a look at how to combat security issues, and how to build a comprehensive security strategy with multiple layers of protection and detection.

Stay tuned and if you want to get secure today, contact us.

16 ways to vaccinate your digital life to stay secure during COVID-19

subhi — Thu, 23 Apr 2020 12:48:46 +0000

COVID-19 and the current lockdown came as a surprise to us all. What isn’t a surprise is the urgency to protect our data. Cybersecurity has always been of great importance, and cybersecurity awareness is crucial in our current scenario. Piracy and phishing schemes have increased a lot over the past few weeks. Criminals are taking advantage of coronavirus anxiety to defraud victims online.

Some organizations had foreseen it, and others less. The exchange of data from our homes due to remote working, opens up vulnerabilities in computer systems. The risks of cybercrime including reputational loss are a great concern to both individuals and to companies.

The measures that need to be taken in order to stay protected are both based on technology and everyday actions. With that in mind, here are some simple ways to vaccinate your digital life in order to stay secure:

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1863px) 100vw, 1863px" data-src="https://aspire.jo/wp-content/uploads/2020/04/Picture2.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/04/Picture2.png 1863w, https://aspire.jo/wp-content/uploads/2020/04/Picture2-300x175.png 300w, https://aspire.jo/wp-content/uploads/2020/04/Picture2-1024x597.png 1024w" data-aspect="1.7138914443422" />

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1817px) 100vw, 1817px" data-src="https://aspire.jo/wp-content/uploads/2020/04/Picture3.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/04/Picture3.png 1817w, https://aspire.jo/wp-content/uploads/2020/04/Picture3-300x177.png 300w, https://aspire.jo/wp-content/uploads/2020/04/Picture3-1024x604.png 1024w" data-aspect="1.6949626865672" />

" class="vc_single_image-img attachment-full ld-lazyload" alt="" srcset="" sizes="(max-width: 1116px) 100vw, 1116px" data-src="https://aspire.jo/wp-content/uploads/2020/04/c66.png" data-srcset="https://aspire.jo/wp-content/uploads/2020/04/c66.png 1116w, https://aspire.jo/wp-content/uploads/2020/04/c66-300x163.png 300w, https://aspire.jo/wp-content/uploads/2020/04/c66-1024x558.png 1024w" data-aspect="1.8355263157895" />

IT security is constantly evolving. Threats and countermeasures are a never-ending race, however, certain fundamental practices remain essential and must be at the heart of the IT governance of every company. Think of this lockdown as a preparation test on how to minimize your vulnerabilities. For more advice and guidance on how to secure your business, click here.