BAKU, Azerbaijan, April 9
By Sadraddin Aghjayev - Trend:
Cybersecurity specialists of the US Fortinet company annually publish forecasts of the future cyber threats, Shaig Samadov, regional manager of the company for the development of sales channels in Azerbaijan, told Trend on April 8.
“There are several major trends that await not only Fortinet but also other major analytical companies,” the regional manager added. "Today, many companies have switched to "remote work", as a result, employees of companies began to connect to the corporate networks from home. Connections are based on VPN encryption over the home internet.”
“The local internet in most cases is a very vulnerable way of connecting as its security is not ensured by the IT specialists of the company itself, and its hacking allows hackers to intercept all the transmitted traffic of the employee," Samadov said.
The regional manager stressed that employees' personal computers contain corporate (confidential) data.
"Such data include bank accounts and card data, corporate files of the company, photos and videos, as well as a number of other commercial and confidential data," Samadov said. “These types of threats are not new, they have always existed.”
"The existing traditional methods of attacks are always relevant and over time they only transform to new realities,” the regional manager said. “Connecting via a VPN is not an ideal technology for encryption and data transmission."
“Another sphere of cyberattacks this year is social engineering,” Fortinet analysts said.
"Some 70-80 percent of all major cyberattacks fall on social engineering,” the regional manager said. “Through these methods, hackers send relevant links to the target victim. Besides e-mail, threats are also made through phone calls."
“Hackers preliminarily study the information about their victim through social engineering,” Samadov said. "Preparation for social engineering consists in spying on the victim, monitoring his/her social networks and studying a person's habits. The industrial networks can be called the third sphere of cybercriminals.”
"In most cases, industrial networks are outside the protection from the cyber threat,” the regional manager said. “Energy and railway companies, plants and factories with in-house production have their own local network - SCADA.”
“The network manufacturers in the industrial sector do not care about its security,” the regional manager said. “Therefore, it is necessary to purchase additional solutions to protect its networks from external threats."
Samadov said that the automated devices of enterprises, despite being isolated from the networks, become targets for cyberattacks due to their IT infrastructure.
"Malicious software can be introduced into the company’s machines when their software is updated or when infected flash drives are used in the automated devices," Samadov said.
-------
Follow the author on Twitter: agdzhaev