Threats on the rise with ATM and Internet being the prime focus for the Middle East

Paladion Networks, the leading Information Risk Management provider with footprint in 30 countries worldwide including the Middle East, today released its latest Threat Intelligence Report with a special focus on the Middle East. The report is based on research by Paladion Labs, the research wing of Paladion Networks, over the year 2011. Paladion has been operating in the region for over eight years and has offices in the UAE, KSA, Qatar and Oman. In the Middle East, Paladion services over 105 customers in banking, telecom and government sectors. Paladion serves eight out of top 10 telecom companies and 20 out top 25 banks in the region.

According to Rajat Mohanty, CEO, Paladion Networks: “Our conclusions are based on first-hand experience of working in the Middle East with local and multi-national companies from various industry sectors. As revealed in the report, the InfoSecurity threat landscape within enterprises is shifting with changing times and the measures to deal with them are expanding. Overall, while threats are getting more financially motivated and targeted on applications, organizations have lower level of monitoring and higher vulnerabilities on application level which also stay open for much longer compared to network level.”

Firosh Ummer, Executive Director, Paladion Networks (UAE) further added: “Phishing as an attack form has gone down in the region last year. On an average, a bank would have faced around 400-500 phishing incidents last year and the average victim per attack was around 10-15 end consumers. While monetary losses from phishing can be absorbed by the banks, the impact on reputation and customer trust is higher.”

He said: “Given the dominance of certain geographies in attack sources, a differentiated security monitoring strategy with geo-mapping tools can be of value to organizations. Also, as Phishing as a threat is reducing its fizz, there is likely to be some other forms of attack to replace Phishing in near future, and financial institutions in the region  have to gear up other fraud management measures to protect Internet and ATM channels.”

As for the external attacks in the Middle East region, Paladion data shows that on an average, larger organizations face 50 intrusion attempts per month from outside the organization.

Interestingly the current threat scenario as seen in the report proves the importance of Application monitoring in future. However, today enterprises are more focused on monitoring the network periphery compared to Applications. And the need of the hour certainly demands a change in the focus towards the way security is managed at present.

The key findings from this report are as below. The data has been taken from Security Incident Monitoring, Phishing Monitoring, Vulnerability Assessment (VA) and Penetration Testing services carried out by Paladion for 260 companies and 14,000 assets. These companies are medium to large enterprises having a minimum turnover of USD 200 million and 2500 employees. They are spread across India, Middle East and South East Asia, representing various industry verticals.

  • Threats-      be it attacks or phishing- are not random, affecting all organizations      equally but are targeted more at bigger organizations.
  • External      attacks are clearly focused on breaching business applications and while overall      the external attacks (both application and network level) did not raise      much during the year, they rose substantially on the business      applications.
  • In      contrast, the security monitoring effort of organization is focused on      perimeter devices and monitoring of threats on applications level is very      limited.
  • On      the other hand, there was a clear decrease in phishing attacks on      financial institutions in the region. The average return for phishers is      also reducing due to faster takedown and lower victims per site. Phishers      still continue to target business days and business hours while increasing      the attacks during slack period of vacations or festivals.
  • Most      of the external attacks in India and the Middle East region are getting      routed through China and US.
  • Phishing      attacks however predominantly come through US and hardly any phishing      attack was seen routed from China.
  • On      the internal front, more than attacks or malware, it is the policy      violations and unauthorized changes that dominate the internal risks.
  • Security      monitoring is therefore more focused on operational issues such as      configuration changes, user account activity and policy violations.
  • On      the security management side, organizations have improved their network      vulnerability management with average vulnerability discovered per      assessment being 0.7 per asset. However the application level      vulnerabilities are high with average being vulnerability per application      per assessment.
  • Organizations      are facing challenges in managing closure of detected vulnerabilities.  While it is better on network level with half-life of vulnerabilities      being 1-2 months (half the detected vulnerabilities are closed by this time), on the application front the half-life is 3-4 months.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s