Harish Kumar GS, Head of Sales, India, and SAARC, Check Point Software Technologies
Cybercriminals tend to adapt their tactics to the never-ending changes in the business landscape, and the rise of remote and hybrid work arrangements has certainly provided them with a wealth of opportunities. The growing use of personal devices for business under bring-your-own-device (BYOD) policies has introduced new attack vectors for cybercriminals. Remote workers’ devices sit outside the corporate firewall, increasing their exposure to malware infections and other attacks. According to Check Point’s Threat Intelligence Report, in the last six months, an organization in India is being attacked on average 2146 times per week in the last 6 months, compared to 1239 attacks per organization globally. In fact, the country has seen a surge of 18 percent in weekly cyberattacks as compared to the previous years.
Many organizations have attempted to address the security threats of remote work by doubling down on endpoint security. Endpoint security solutions are a valuable component of a corporate cybersecurity strategy, but they simply are not enough to protect the company and its users against the cyber threats that they face every day. As per a report by PwC, 43% of Indian business executives say their organization has yet to fully mitigate the risks associated with remote and hybrid work. Hence, web security solutions are crucial to securing the remote workforce.
Endpoint Security Solutions Miss Web Browsing Threats
Endpoint security solutions, which provide strong protection against a wide range of potential threats, are a cornerstone of an organization’s defenses against malware infections and other endpoint security threats. However, there are some web-related threats — many of which companies face every day — that they do not provide adequate protection against.
Let us take a closer look at some of the most common web-related threats out there.
Zero-Day Phishing Attacks
Phishing attacks are a daily threat to most organizations. These attacks appeal to cybercriminals because they are easy to perform and automate and have a reasonable chance of success. The rise of AI tools like ChatGPT has also had a dramatic impact on this threat because it and similar tools can rapidly churn out novel, realistic-looking emails, and other messages for use in these campaigns. By eliminating the spelling and grammatical errors common in past attacks, these tools make phishing attacks much more difficult to detect and manage.
Phishing attacks can be used to accomplish a few goals, including delivering malware and stealing sensitive data such as user credentials. In general, endpoint security solutions are effective at catching the malware delivered by phishing attacks by detecting known threats or malicious functionality.
However, where endpoint security solutions fall short is identifying phishing emails designed to direct users to phishing pages that collect their credentials and other information. If these campaigns use new malicious domains or IP addresses and do not install known malware on the computer, there is no indication to an endpoint security solution that anything is amiss.
Password security is another widespread problem for most businesses. While everyone knows you should use strong, unique passwords for all your online accounts, most people use them for multiple accounts. In many cases, this password is weak and easily guessable by an attacker.
Password reuse can have significant negative impacts on an organization and its users. If a password is leaked in a data breach or exposed in a phishing attack, an attacker will identify all of the other accounts using the same credentials. For a business, this could result in the breach of sensitive data or an attacker gaining access to critical corporate systems.
An attack exploiting reused credentials will be invisible to an endpoint security solution. Authentication systems assume that only a legitimate user knows the correct credentials. If this is not the case, the attacker’s access may only be detected once they take some other malicious or anomalous action.
Trojan horses are a generic form of malware. By pretending to be a legitimate file, they trick users into downloading and running them. Cybercriminals have developed various, cunning methods of delivering trojans to users’ computers. In some recent campaigns, attackers have used paid advertising to make phishing pages delivering malicious downloads appear at the top of search results. When a user attempts to download a trusted piece of software, they get the malware instead.
Web Security is Critical for Endpoint Security
Endpoint security solutions are designed to protect the endpoint – yet where they can fall short is when that endpoint is used to browse the web or access remote applications and systems. Endpoint security solutions’ visibility is limited to the endpoint, so some threats may slip through the cracks.
To protect against these common threats that endpoints miss, companies also need web security solutions that address the threat of web browsing. With visibility into the browser, a web security solution can identify phishing pages, reused passwords, and malicious downloads that an endpoint security solution might miss. They can also automatically block access to malicious sites, check file uploads to the organization, reducing potential risk to the organization.