Most organisations are facing imbalances between people, technology and processes, leaving vulnerabilities that attackers are ruthlessly exploiting
Dubai - The world witnessed several high-profile ransomware attacks in 2021, which had devastating economic ramifications for those targeted
Cyber attacks such as ransomware are here to stay, and when they hit an organisation, there is not much anyone can do about it, experts say.
Therefore, organisations have to be prepared to remain one step ahead of malicious actors by understanding the specific threats relevant to them, and bolstering their security posture to be more proactive in threat hunting.
Ashraf Koheil, director of Business Development for the Middle East and Africa at Group-IB, explained that today’s cyber-threat landscape is extremely diverse for big businesses, and at a user level as well.
“The Covid-19 pandemic has favored both small time scammers and sophisticated threat actors going after high-value large scale targets,” he told Khaleej Times. “The GCC region is home to some of the world’s biggest commercial hubs and is amidst a rapid digital shift. The UAE is leading in so many areas regarding technology and innovation; and cyber criminals haven’t fallen behind - bad actors are constantly reinventing their tactics.”
He noted that regional organisations have endured a ‘scamdemic’, that constitutes a significant threat to both organisations, which have their brand exploited by scammers, and end-users who easily fall for fraudulent campaigns misusing their favorite brands.
Scam and phishing, he explained, continue to thrive on the pandemic-driven increase in the time spent online.
“They grow in scale and sophistication,” Koheil said. “In December, Group-IB’s digital risk protection unit observed a worldwide scam campaign targeting users in more than 90 countries, including in the UAE, in which the scammers employed targeted links featuring fake branded surveys tailored to each victim. Such links are unique and will work only once and only for a specific use, which makes the scam extremely hard to detect and investigate.”
Ransomware on the rise
Rahil Ghaffar, regional director for the MEA at Virsec, noted that ransomware has been a persistent threat for large enterprises, government entities, and BFSI, and has caused considerable damage to these organisations’ reputations. The scale and sophistication of such attacks differ based on the target, he explained. In addition to ransomware, there has also been a rapid increase in targeted attacks against users. This includes phishing attacks and stalkerware, which intrudes the personal space of people, often with devastating consequences.
“It is critical for both users and enterprises to be able to identify and stop any potential compromises immediately before any damage is done,” he said. “Ransomware attacks are on the rise in the UAE. In fact, we have been approached by a few government and financial institutions, which were under constant attack from ransomware despite having multiple layers of security from leading vendors. We helped these organisations secure their server infrastructure against zero-day fileless and Remote Code Execution attacks with our unique, patented runtime protection technology.”
Stalkerware enters the scene
Hadi Hosn, CEO at Axon Technologies, noted that the amazing advances that have been seen over the years in technology, especially in this region, has connected us more than ever before, driving innovation, opportunity, and progress.
“The pandemic has also accelerated this trend, but we are likely still in the early stages of a long-term digitisation shift,” he said. “The shift is changing the way we live, work, and communicate, and it is transforming the critical systems we rely on in areas such as government services, finance, healthcare, and transport. The scale and speed of this shift introduces complexity, and risk to our businesses and everyday users. The past year alone has seen cyber attacks on hospitals and oil pipelines, schools, and businesses of all sizes.”
He added that 2021 was the ‘breakout year’ for ransomware and stalkerware. “While ransomware is not new, this year it received attention at the highest levels of government because it affected people’s ability to get health care, put gas in their vehicles and buy groceries. As for stalkerware, we have seen the Covid-19 pandemic prompt a surge in the use of stalkerware - which is originally marketed as employee or children monitoring services and for ‘good’ and ‘ethical’ purposes - but, as it is so often hidden, stealthy, and doesn’t require continual consent, can be used to abuse others or violate their privacy, such as remotely monitor and eavesdrop on phone calls, SMS messaging, Voice over IP (VoIP) applications, GPS/location data, messaging and social media apps, and to steal images and video from an infected device. It is often the case that stalkerware is installed through physical access to a handset and is most common on Android mobile devices.”
Managing human errors
Similarly, Werno Gevers, cybersecurity specialist at Mimecast, said that the pandemic has worked as a ‘force multiplier’ for existing threats in the UAE, giving birth to new ones. Irrespective of industry sector or location, remote working scenarios with employees shifting to their personal devices and not following established best practices, have created new cyber threats. With the shift toward remote or hybrid work models, and with global supply chains in a state of chaos, most organisations are facing imbalances between people, technology and processes, leaving vulnerabilities that attackers are ruthlessly exploiting.
“To protect themselves, their employees and their customers, organisations need a layered security strategy that defends against attacks within, at, and outside the organisation’s perimeter, and helps restore critical systems and data quickly in the event of a successful breach,” he said. “More than deploying secure gateways organisations need to understand that they need to manage human errors to mitigate the impact of internal e-mail threats that could disrupt their business. Another key factor that organisations need to consider is a robust security awareness training programme. With today’s a distributed workforce and an abundance of scams doing the rounds, the cost of human error escalates. So, organisations need to take steps adequately, to prepare them to spot these threats.”
business@khaleejtimes.com