With cybercrime statistics showing a severe increase in data breaches, private data exposure and more targeted, politically motivated attacks, the Middle East region remains in dire need of a coordinated strategy aimed at addressing and dealing with such threats.
Statistics released by Dubai Police last year demonstrated that cybercrime in the Emirate saw a 136% rise between 2013 and 2015, amounting to a total of US$22.33 million in damages and lost revenue. While in the wider Middle East region, the number of compromised records due to data breaches rose by 50% in the first half of 2016 to over 10 million records1.
Global figures from 2016 show some 4.2 billion records were breached shattering the all-time high of 1 billion records exposed in 20132. The report revealed that the severity of the attacks climbed sharply while the number of attacks remained consistent.
Speaking on the sidelines of the e-Crime and Cybersecurity 2017 conference in Dubai, Mazen Dohaji, Regional Director Middle East, Turkey & Africa of security intelligence and analytics firm LogRhythm, said that cyber criminals and hackers targeted governments the most on a global level. “This trend is showing up in the Middle East, especially with more sophisticated targeted attacks such as the RanRan ransomware incident late last year.”
Named RanRan due to the debug path within the binary: C:\Users\pc\Desktop\Ran\Ran\Release\Services.pdb, the code was developed specifically to attack the government of Saudi Arabia for political reasons. “RanRan shows us how sophisticated these criminals are becoming. We do not yet know how the malware was deployed, how it’s being spread, nor the full extent of its payload,” continued Dohaji. “However, we do know that the more digitized our governments and citizens get, the more vulnerabilities will appear and be exploited by hackers.”
For many years, the natural response of governments in the region to such evolving threats was to individually invest heavily in preventative technologies and measures. “Today governments in the region must find capacity, technical and financial, to respond collectively to cybercrime,” he said. “Such responses should aim, not only to prevent, but to deter cyber criminals from operating in their jurisdictions.”
It is also essential for governments to share information together, and with the private sector, to make sure that a web of protection and deterrence covers as many vulnerabilities as possible.
“The good news is that as organisations improve their ability to quickly detect and respond to threats, the risk of experiencing a damaging breach is greatly reduced. At LogRhythm, our Threat Lifecycle Management platform clearly defines workflows aimed at achieving early detection of an incident early in the Cyber Attack Lifecycle to stop the treat in its tracks and avoid downstream consequences and costs,” concluded Dohaji.
Subscribe to our monthly newsletter
Keep a pulse on the latest business news in the Middle East. Subscribe now.