JEDDAH: Remote working during the COVID-19 pandemic continues to present security threats and risks to companies and employees in Saudi Arabia, with 7 million cyberattacks hitting the country in the first two months of 2021, according to a new report.
The report, from cybersecurity firm Kaspersky, said that Saudi Arabia saw more than 22.5 million brute force attacks in 2020 on remote desktop protocols (RDPs), the most popular way to access Windows or servers. Brute force attacks are trial-and-error attempts to guess login information, encryption keys or find a hidden web page.
The number of attacks significantly increased by 104 percent in March to 2 million, compared to February when there were 983,512. The jump coincided with the government’s announcement restricting office work and other activities.
This situation is not exclusive to Saudi Arabia. The Kaspersky report showed that brute force attacks against RDPs skyrocketed to reach 3.56 billion globally with the switch to remote work.
Saudi cybersecurity expert Abdullah Al-Gumaijan explained three factors behind the recent increase in cyberattacks.
“When there’s political tension in the region, cyberattacks immediately rise,” Al-Gumaijan told Arab News. “Also, the utilization of cyberweapons increased due to attackers now realizing the value of such attacks as they continue to prove their power and damage. Therefore, the trends toward investments in cyberattacks are growing.”
The third factor, he said, was the pandemic. “With most people working from home, that means most organizations were forced to ease their security controls to allow their employers to access its environment remotely. This is another window opened to attackers. Flexibility in the paradigm contradicts with security. The more we go secure, the less flexibility we have.”
The report said that one of the most common attacks were against the protocols used by employees to access corporate resources remotely, emphasizing the need for cybersecurity awareness.
Also, most employees in the Middle East, Turkey and Africa region never want to return to pre-pandemic, traditional work paradigms, making the refinement of security measures a serious task for organizations of all sizes.
“People do not want to go back to traditional methods,” said Al-Gumaijan, adding that organizations and governments had realized that virtual mediums were an efficient way of working.
It was considered odd before the pandemic to hold official meetings virtually, he said, whereas nowadays summits at global levels were taking place online, eliminating costs and facilitating communication for everyone.
But this shift also suggested that cybercriminals would continue to attack, therefore organizations must increase cybersecurity awareness among their people, who had become the first line of defense.
“Companies that have good security maturity have now realized that they need to invest in awareness. This is the right response. We should adapt to change, it is good and healthy, cost-effective. You have to raise awareness instead of diving against the wave.”
The Kaspersky report said that more than half of employees believed that technology skills were the most important to develop. But, just as technical skills were important, so were cybersecurity skills.
“Remote work is here to stay,” said Emad Haffar, head of technical experts at Kaspersky. “Even as organizations begin considering re-opening their workplaces, many will continue to include remote work as part of their operating model or even combine working from home and the office in a hybrid format. That means it’s likely these types of attacks against remote desktop protocols will continue to occur at a rather high rate. 2020 made it clear that organizations need to enhance their security measures, and a good place to start is providing stronger protection for their RDP access,” added Haffar.
The company recommended that organizations enable access to RDPs through a corporate VPN, and the use of Network Level Authentication when connecting remotely.
Other steps are using corporate security solutions empowered with network threat protection, enabling multi-factor authentication, and automated security awareness services.