Bombs away: A closer look at terror tactics used by cyber criminals on you
In the last four months, 35 cyber attacks had minor impact on UAE businesses, and another 85 had a medium effect, as reported by WAM.
Low or Medium, these attacks are always scary.
Out of the 155 UAE attacks in Q1, 35 of those had a significant impact, but the Telecommunications Regulatory Authority (TRA) said that these attacks had seen a 48% decrease over the same period last year.
But what no one is looking at is Cyber-Terrorism, not the politically motivated one, but still, one which is a growing issue waiting to blow up in everyone’s faces.
45% cyber-attacks involved fraud and phishing during Q1 2018 according to WAM, and a further 26% cyber-attacks aimed to leak information, while others involved defamation and similar purposes.
These are the kind of cyber attacks that basically terrorize their victims.
The Criminal Actor
According to Stratfor, a business intelligence site, there are definite similarities between the criminal and terrorist attack cycles.
All criminals must progress through the cycle by selecting their target, planning the crime, conducting the offense and escaping, even though some do so in a condensed time frame.
There is a massive difference in the amount of time a kidnapper spends selecting a target and surveilling him or her for weaknesses compared with the time a lurking mugger takes.
“Nevertheless, the process is still being followed, albeit in a different order,” said Stratfor.
“The criminals who pose the most significant threat by using information posted online are those who operate more like stalking predators, such as a lion surveying a herd and looking for the most vulnerable animal.”
Such criminals can include burglars, kidnappers, scam artists, and extortionists.
“And in such cases, people make themselves more desirable targets by standing out from an array of potential victims,” stressed Stratfor.
“They do this by providing information about their wealth or possessions and by publicizing their whereabouts on social media.”
These details can be used for the target-selection and planning phases of the criminal cycle.
Stratfor uses the example of the high-profile armed robbery of Kim Kardashian in October 2016 at a chic Paris hotel is a textbook example of such a case, as well as the latest in a string of burglaries targeting celebrities in Los Angeles in recent years.
In phishing and ransomware attacks, social media can not only be used to collect intelligence for target selection and planning, but it can also serve as the conduit for the attack itself if infected files or URLs are passed over social networking apps, according to Stratfor.
It said Iranian intelligence agents did this in their hack of professional services firm Deloitte, and this leads us to the use of social media in human intelligence recruitment.
Recruiting a Human Intelligence Asset
Human intelligence recruitment has three basic segments: spotting, developing and pitching.
In the spotting phase, recruiters try to determine a list of the people who have access to desired information and then assess who among them will be the easiest to approach and recruit.
Developing is establishing a relationship with the target to make a recruitment pitch.
And pitching is just that, using whatever approach whether money, ideology, coercion, ego or something else this will allow the human intelligence practitioner to recruit the target as a source.
In the Deloitte hack, agents approached potential targets using the social media profile of an attractive woman, “Mia Ash,” and based on their responses to the contact request, worked on developing those deemed the most receptive.
GCC under attack
Businesses, consumers, and governments in the GCC have reported cases, where they were subjected to malware emails, ransomware and the great interest generated in the rise of cryptocurrency, gave impetus to what is called “crypto jacking” aimed at mining using your computers and/or robbing e-wallets from digital currencies in them.
There were also reports of a malware attack against safety and control systems at a Saudi Arabian petrochemical company last year, an attack that could have triggered an explosion, according to Arab News.
New research from security firm Symantec found that one in 175 emails in Saudi Arabia is blocked as malicious, which exceeds the global average of one in 412, the site reported.
Incidents of spam and phishing emails in the Kingdom exceeded the global averages too, a new internet report released in March found.
The UAE also struggles with cybercrime, with one in 238 emails blocked as a suspected malware attack.
Haider Pasha, chief technology officer for the emerging markets at Symantec Middle East, told Arab News that the Gulf is seen as an attractive target for cyber attacks due in part to the number of large and strategically important companies based in the region, and specifically in Saudi Arabia.