Cybercriminals will exploit reliance on mobile devices

Interview/ Gil Shwed, cybersecurity expert

Gil Shwed, CEO of Check Point Software Technologies, is considered the inventor of the modern firewall and has authored several patents such as Check Point's stateful inspection technology (dynamic filtering that monitors active connections to decide which packets to allow through the firewall). He has received numerous accolades, including the Israel Prize (the country's highest cultural honour), honorary doctorates from Technion - Israel Institute of Technology and Tel Aviv University, and the Global Leader for Tomorrow award by the World Economic Forum. In an interaction with THE WEEK, Shwed shares insights about the latest trends in cybersecurity. Excerpts:

Covid-19 resulted in a steady increase in the number of cyber attacks. What new kinds of attacks did you observe?

Globally, in 2021, one out of 61 organisations was being impacted by ransomware every week. We feel that threat actors will continue to target companies that can afford to pay ransom. In May 2021, a US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022. Ransomware attacks will become more sophisticated. Hackers will increasingly use penetration tools to customise attacks in real time and to live and work within victim networks.

We also observed that critical infrastructure has also become a prime target for cyber attacks; this includes water, electricity and cargo by sea, land and air. These attacks have huge implications not only on businesses, but also on communities, cities, states and entire countries. The consequences can be dire. In 2020, both a US natural gas pipeline and an Australian steel company's operations were shut down until the attack was contained. In 2021, we saw the attack on the Colonial Pipeline in the US.

Additionally, we also observed that cloud adoption raced ahead of security as the pandemic saw organisations’ digital transformation programmes advance by over five years. While many organisations moved to the cloud, public cloud security is still a major concern for 75 per cent of enterprises. Also, over 80 per cent of enterprises found their existing security tools did not work at all or have only limited functions in the cloud, showing that cloud security challenges continue to be top of mind.

Going forward, cyber attackers will target mobile devices as mobile wallets and mobile payment platforms are used more frequently. Cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices.

What kind of new cyber security threats are emerging in today's world and what kind of mechanism is emerging to deal with those threats?

We are living in an era of Gen V attacks, which are typically large scale and have the ability to inflict much damage. Unfortunately, most organisations are protecting themselves against Gen V attacks with Gen III solutions. Organisations should ensure that they have the appropriate solutions in place to prevent attacks without disrupting the normal business flow; the majority of such attacks include the most advanced ones. To stay ahead of threats, organisations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks.

In recent times, we have also observed a few key trends going ahead in 2022. We feel that supply chain cyber-attacks continue to increase and will become more common and governments will begin to establish regulations to address these attacks and protect networks, as well as collaborate with the private sectors and other countries to identify and target more threat groups globally. We have also seen that data breaches will happen more frequently at a larger scale and cost organisations and governments more to recover. In May 2021, a US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022.

Besides that, cyber attackers will target mobile devices as mobile wallets and mobile payment platforms are used more frequently. Cyber-criminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices.

What kind of precautions should organisations take to prevent new age cyber attacks?

I feel that organisations should focus on aspects such as real-time prevention as vaccination is better than treatment even when it comes to cyber security. Real-time prevention of threats, before they can infiltrate the network, is the key to blocking future attacks. Besides that, securing everything as the new normal requires organisations to revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and PC devices, IoT (Internet of Things) etc. The increased use of cloud computing means an increased level of security, especially in technologies that secure workloads, containers and server-less applications on multi and hybrid cloud environments. Many changes in the company’s infrastructure present a unique opportunity to check security investments. The highest level of visibility, reached through consolidation, will guarantee the best effectiveness.

What kind of role do ethical hackers play in dealing with cyber attacks?

Ethical hackers play an important role as you need to think like a hacker in order to develop the best threat prevention. Organisations work with them to uncover potential security gaps that malicious hackers could exploit.

What kind of innovations are happening in the cybersecurity space?

AI and machine learning are among the innovations in the cybersecurity space as most solutions are based on one or several detection engines which are built on human-made logic such as signatures or rule-based analysis. However, the velocity of malware evolution, the increasing number of devices and technologies and the huge amount of data make it impossible to keep the human-made models comprehensive and up to date. Relying solely on the traditional engines will leave the organisations exposed to the most damaging attacks.

How do you see cybersecurity shaping up?

Today we are in the era of Gen V attacks—larger in scale and more complex. Many organisations are still trying to protect themselves with older technology that can only protect them from Gen III attacks. This leaves a gap that cybercriminals can easily exploit.

Cybersecurity is a continuous battle between good and evil. Just as cybersecurity companies continue to focus on helping organisations beef up their defences with the latest innovation, cybercriminals are upping their game, leveraging new strategies and technologies.

What can governments do to make their systems secure from hacking and other cyber security breaches?

All organisations today, both in the public and private sector, face the threat of Gen V attacks, which have the capability to inflict huge damage. It is important to assess your environment and identify where the security gaps are in your organisation. The threat landscape will continue to become more sophisticated, and organisations should consider using consolidated security solutions rather than point solutions since this would be harder to manage. Also, traditional security tools are no longer adequate for handling the growing number of breaches and the dynamic, virtual, and decentralised nature of the cloud. Overcoming these challenges requires a unified, highly automated, and cost-effective cloud security solution capable of detecting and handling threats across cloud environments.

What kind of research and development work is Check Point doing in the cyber security space, particularly in the firewall security space?

We are committed to developing the most innovative cybersecurity solutions. Our research arm, Check Point Research, provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyses global cyber attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. From the moment a breach is initiated, ThreatCloud begins sharing data across the entire network, providing researchers with the intelligence they need to deeply analyse and report on attacks. Check Point Research publications and intelligence sharing drive the discovery of new cyber threats and the development of the international threat intelligence community to keep one secure.

Why do Israeli firms dominate the cyber security space compared to other countries?

Israel is one of the world’s leading cybersecurity hubs because of its emphasis on developing cybersecurity expertise. There are various initiatives in both the private and public sector when it comes to developing cybersecurity skills. In fact, cybersecurity is given a lot of priority to the point that cybersecurity education starts in the middle school in Israel.

There is a great shortage of cyber security skills in a country such as India. What can be done to overcome this skill gap?

India, like the rest of the world, is facing a cybersecurity skills shortage. We place an important emphasis on cybersecurity skills training and certification. We also aim to make cybersecurity education accessible to all, and partner with various academic and non-academic partners to fulfill this mission. We recently launched Check Point Mind, a knowledge training portal, in collaboration with over 200 of the world’s most recognized training partners. Users can sign up with the portal for free, and choose from a wide range of courses and programs available from over 200 partners. Payment can be made through credit card or Check Point Learning Credits.

In addition, Check Point’s Secure Academy program brings a comprehensive cyber security curriculum to 100 universities and colleges globally and we are expanding the partnership with leading institutions such as New York University (NYU) on creating online platforms to engage students in cybersecurity education. The Secure Academy program on average trains about 100 students per year. In India, we have partnered with over 15 universities and tertiary institutions. Hundreds of students have gone through this program in India.