Top five cyberattacks the Middle East attracts
With the cyber world dominating our lives, we are more prone to cyberattacks, as hackers are taking advantage of our vulnerabilities, and cyberattacks represent now a serious concern for organisations worldwide.
Security firm Cybersecurity Ventures predicts that the global annual cybercrime costs will grow from $3 trillion in 2015 to $6trn by 2021, which includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.
Cyberattacks in the region
A total of 615 cyberattacks against government, semi-government and private sector entities in the UAE were foiled in the first ten months of 2017, according to a media statement.
The statement quoted the Telecommunications Regulations Authority (TRA) as saying that the largest number of attacks was recorded in January (136), 133 of which targeted government sites, in addition to three anti-private sector attacks.
According to the Arab Gulf States Institute in Washington, the UAE’s environment faces high cyber threats, largely due to the majority of its society being connected to the Internet – 85 per cent of UAE residents are online – as well as the UAE being now the global leader in smartphone penetration.
In the Arab Gulf states, cyberattacks targeting key installations cost an estimated $1 billion annually.
What are the five types of cyberattacks in 2017, expected in 2018 as well in the region?
Five types of current and planned cyberattacks in the region
Malware: A cyberattack using “Powershell” malware hit the Saudi government in November 2017, in an attempt by hackers to disrupt government computers. “The National Cyber Security Center has detected a new Advanced Persistent Threat (APT) that is targeting Saudi Arabia,” the government’s National Cyber Security Centre said in a statement, adding that the attack sought to infiltrate computers using email phishing techniques.
Virus: Shamoon 2, the computer virus that attacked Saudi Aramco in 2012, has returned to the Kingdom for the second time in January 2017, leaving at least three government agencies and four private sector companies offline for 48 hours.
According to Inc. Arabia, a platform for startups and entrepreneurs, Shamoon disrupts computers by overwriting the master boot record, making it impossible for them to start up.
“The 2012 Shamoon attack on Saudi Aramco is known to be the most destructive cyberattack on private business, ever,” it added.
Skimmers: Skimmers are essentially malicious card readers that steal data off the ATM card’s magnetic stripe attached to the real payment terminals so that they can strip data from every person that swipes their cards, as explained by pcmag, a magazine covering computer topics.
Such an attack took place in Abu Dhabi in March 2017, where the police arrested four hackers who allegedly stole more than AED1 million by installing skimmer devices on ATMs across the UAE.
According to state news agency WAM, hackers transferred the victims’ accounts to magnetic cards, such as hotel master keys and shopping loyalty cards that they later converted to credit cards to steal the funds.
Cryptojacking: According to CSO, a security news website, cryptojacking, or the online robbing of digital wallets, will be one of the cybercrime activities to watch in 2018.
“Cryptojacking activity began exploding toward the end of 2017 and we suspect that we will see far more activity in 2018, particularly as the value of cryptocurrencies escalates,” it said.
It explained: “An individual mining cryptocurrency could very well be mining for their own wallet, based on visitors to their own web properties. There is also a very likely chance within those circumstances that disclosed cryptojacking activity could replace advertising on sites to become an entirely new revenue stream.”
Ransomware: Infosec institute, an institute that offers information security training, reveals that ransomware will be the most dangerous threat to businesses and organizations worldwide in 2018.
“Once again ransomware will represent the most dangerous threat to organizations and end-users. The number of new Ransomware families will continue to increase; authors will be more focused on mobile devices implementing new evasion techniques making these threats even more efficient and difficult to eradicate,” it said.