Early last year, a sudden and complete lockdown was enforced across the world. No one was really prepared for what lay ahead. As COVID19-induced lockdowns began to extend and employees across thousands of organisations took to WFH as the new normal, there was a tectonic shift in cybersecurity. As the world went into lockdown, so did cyber criminals. Remote workers with compromised security measures were the new targets, and cyber attacks in 2020 soared. According to Akamai's State of the Internet Report 2020, there was a 30% increase in Internet traffic in April last year, propelled by online learning, remote work, online content streaming and more. While the Internet's resilience shone through, there was no denying its vulnerabilities were exposed. 

"When we talk about digital transformation in huge enterprises or government functions, the pace of this transformation is rapid. Every time we build a security control, hackers find ways to evade that or create a new vector to exploit data. Personally, I find it fascinating how sophisticated and smart these attacks are, the pace of innovation here is also very nuanced and evolved. Attackers keep shifting the goalpost and as security vendors, our complexities are increasing. We keep asking ourselves what have we not looked at yet? This question is especially pressing with the advent of AI and ML that has made the cyber threat landscape more complex. It allows us to peel back the layers of research, and improve layers of protection," says Fernando Serto, Head of Security Technology and Strategy, Akamai Technologies. 

Serto has spent three decades in the IT industry. He started out as a developer, grew through the ranks and dabbled with different IT jobs like UX engineering, network and security. He joined Akamai Technologies nearly seven years ago to build a suite of products targeting the complex and dynamic IT environments that exist globally. So obviously, the security challenges brought on by COVID19 was like nothing Serto has encountered in his 30-year career. One of the reasons he attests to the complexity of cyber attacks is the "shift in tech surface". On an average, a person owns or operates about five devices - a smartphone, two laptops, a smart wearable and a personal gadget like Kindle or Xbox. Most notably, office-issued laptops are built-in with security features and applications. Some tech-aware users would do the same for their phones. But the majority of the tech-savvy general public remains vulnerable. The increase in these digital touchpoints, essentially created a well-laid out digital map for cyber attackers to play with. And this became very evident during the lockdown. "In the initial weeks of lockdown, most employees were working on unsecure digital environments and their organisations had little to no control over this. This was a goldmine for cyber criminals," says Serto. 

According to Akamai, there was a 440% increase in malware activity on devices last year, 134% increase in streaming activity, 67% increase in gaming, 23% increase in online chat and 37% increase in social media activity. With a threat landscape this diverse, it was Herculean task for security vendors to ensure device safety and integrity worldover. This is where Serto believes the role of technologies like AI and ML were paramount. "One of the main reasons AI is so crucial in the fight against cybercrime is due to its speed. We're in the business of staying ahead of the game and we wouldn't be able to do so if we didn't deploy AI and ML intelligently." Currently, detection capabilities developed by Akamai heavily rely on AI, while using a huge amount of supervised machine learning. Serto adds that one of the biggest challenges in this area is with self-learning algorithms where attackers can compromise even the learning abilities of algorithms and render them ineffective. "As we're neck deep in a digital-forward world, the use of AI in cybersecurity has to be supervised. While it offers a speedy response to threats, these systems cannot be left unchecked." 

In 2020, Akamai faced 21,518,050 million malicious DNS queries out of an aggregate of 109 billion,or about 299 million DNS queries per day. A relentless, round-the-clock strategy to stop these attacks at the point of origin was crucial and necessary. In March this year, Akamai announced the launch of Akamai MFA, a phish-proof solution designed to enable enterprises to quickly deploy FIDO2 multi-factor authentication (MFA) without the need to deploy and manage hardware security keys. Akamai MFA uses a smartphone application that transforms existing smartphones into a hardware security key to deliver a frictionless user experience. The solution leverages FIDO2, which provides end-to-end cryptography and a sealed challenge/response flow. Deployed on the Akamai Intelligent Edge Platform, Akamai MFA can be activated and managed centrally via Enterprise Center with global reach and scale for resilience and performance. One of the key layers of defense that Akamai uses is Enterprise Threat Protector, which uses Akamai’s research and data, augmented with third-party data, to identify malicious domains and block them at the DNS and HTTP level. It addresses several key elements used by criminals including exfiltration, command and control (C2), and phishing. "The acceleration of such enterprise sector products was massive in 2020, driven by COVID19 and the shift to remote work. We're constantly working to expand our solutions in line with the new normal of remote work, such as push notifications, web auth improvement and MFA that can enable employees to continue working remotely, but also securely."

Despite ramping up the cyber welfare arsenal with new-age tools and technologies, Serto hopes to see more organisational awareness, especially as governance becomes digital. While structured companies are very cyber mature, governments need to now focus on robust cyber policies, he says.