Complex Made Simple

The MENA is subject to cyberattacks and HR is a prime target

Threat actors launched approximately 5.4 million DDoS attacks in the first half of 2021, an 11% increase from the same time period in 2020. It’s one statistic out of many that are plaguing our world, and the MENA is not spared

One-in-10 (9%) prevented cybersecurity incidents could cause major disruption The UAE has seen 34 million malware attacks in just six months HR is the custodian of valuable company information, data that is highly valuable to cyber attackers

According to research from NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT), threat actors launched approximately 5.4 million DDoS attacks in the first half of 2021, an 11% increase from the same time period in 2020, putting the world on track to hit close to 11 million DDoS attacks in 2021.

It’s one statistic out of many that are plaguing our world, and the MENA is no stranger to this.

Disruption severity

Cyberattacks are growing in complexity and employing evasive techniques to avoid detection by security solutions. Detection and prevention of such threats require seasoned threat hunters who can spot suspicious actions before they cause damage to a company.

According to anonymized metadata voluntarily provided by Kaspersky Managed Detection & Response (MDR) customers, one-in-10 (9%) prevented cybersecurity incidents could cause major disruption or unauthorized access to the customer’s assets.

The vast majority of incidents (72%) were of medium severity. This means that if these threats had not been detected by the service, they would have affected the performance of the assets or could lead to single data misuse cases.

The research revealed that almost every industry, except mass media and transportation, saw high severity incidents during the analyzed period.

Most often, critical incidents affected organizations from the public sector (41% of all high severity incidents were detected in this industry), IT (15%), and financial (13%) verticals.

Almost a third (30%) of these critical incidents were human-driven targeted attacks. Almost one quarter (23%) of high severity incidents were classified as high impact malware outbreaks, including ransomware. In 9% of cases, cybercriminals gained access to a company’s IT infrastructure using social engineering techniques.

Kaspersky experts also noted that current Advanced Persistent Threats (APTs) were typically detected together with artifacts of previous advanced attacks, suggesting that if an organization responds to a sophisticated threat, it’s often attacked again, likely by the same actor.

Also, in organizations experiencing APTs, experts often discovered signs of simulation of adversarial behavior, such as red teaming, or an assessment of a company’s operational security capabilities through a sophisticated attack simulation.

The full report is available here.

MENA attacks

The UAE has seen 34 million malware attacks in just six months, an increase of 7% compared to the same time last year, according to Kaspersky.

The country saw the most attacks of all the GCC states monitored by Kaspersky in the first half of 2021, as Oman experienced 14 million attacks, up by 67% on the first half of 2020, Kuwait at 11 million, up by 64%, and Bahrain at five million, up by 42%.

While Turkey saw the most cyber-attacks in the region at 44 million, the figure was a 4.4% decrease on last year, while attacks in Egypt increased to 42 million.

Maher Yamout, senior security researcher for Middle East, Turkey and Africa, Kaspersky, said: “Given the growth in digital transformation since last year and considering the increase in remote working resulting from the COVID-19 pandemic, countries of the Middle East have become an attractive target for those looking to exploit a lack of user education or cybersecurity understanding.”

HR under attack

Some professions are more susceptible to cyberattacks than others where they seek out a company’s weak spots.

According to IHS Markit, Dubai’s Purchasing Managers’ Index has jumped to 53.2 in July from 51 in June, which means the economy is expanding.

The index also states that the employment growth of the emirate has picked up to a 20-month high. As more hires are needed, the computers of Human Resources professionals (HRs) are especially at risk of cyberattacks, as they remain to be easily accessible, and in contact with a wide range of individuals. Their contact details are often present on the business website and on professional networking platforms.

They are also high-value contacts because HR is the custodian of valuable company information, data that is highly valuable to cyber attackers.

HR professionals are vulnerable to attack in 3 common ways. 

Incoming mail: Cybercriminals penetrate the corporate security perimeters by sending an employee an email containing a malicious attachment or link. Opening this link can release a virus, which can download personal files.

Access to personal data: HRs have access to all personnel data held by a company. By compromising an HR employee’s mailbox, access is opened.

Email hijacking: Here, a senior staff member’s mail account is hacked. It sends out emails to colleagues requesting fund transfers or the forwarding of confidential information.

According to Kaspersky’s cybersecurity awareness training whitepaper, more than 80% of all cyber incidents are caused by human error.