Complex Made Simple

Remote work cyber protection lacking: GCC region under attack

39% of the companies experienced a videoconferencing attack in the past three months as workers rely on apps like Zoom, Cisco Webex, and Microsoft Teams. The region was not spared

39% of the companies experienced a videoconferencing attack in the past three months 31% of companies reporting daily cyberattacks and half (50%) being targeted at least once a week cyber attacks on businesses in the UAE and Saudi end up costing the victims around $6.53 million per attack

Acronis, a global leader in cyber protection, said businesses are struggling to safeguard their data and infrastructure against the risks of the new remote work landscape. 

The Acronis Cyber Readiness Report surveyed 3,400 global companies and remote workers in the wake of the ongoing COVID-19 pandemic and revealed that 92% of the companies say they’ve adopted new technologies to enable remote work, including workplace collaboration tools, privacy solutions, and endpoint cybersecurity. 

The Acronis Cyber Readiness Report reveals that as hackers target remote workers, phishing, distributed denial of service (DDoS), and videoconferencing attacks are the most common tactics used. 

Survey results

39% of the companies experienced a videoconferencing attack in the past three months as workers rely on apps like Zoom, Cisco Webex, and Microsoft Teams. 

Cisco recently revealed a vulnerability in its Webex app that could allow attackers to open, read, and steal potentially valuable or damaging content. 

Malware attacks such as ransomware also have increased during the pandemic, with 31% of companies reporting daily cyberattacks and half (50%) being targeted at least once a week, including in July when a leading manufacturer of GPS technologies allegedly paid $10 million in a WastedLocker ransomware attack. 

35% of customer endpoints were exposed to malware attacks while Phishing attacks are occurring at historic levels and approximately 10% of users clicked on malicious websites in May, June, and July. 

88% of the remote workers surveyed by Acronis expect to work from home to some extent even after the pandemic ends. 

Read: The latest course, security tips, and cyber awareness on working from home

Cyberwarfare in the GCC 

About 31% of companies around the world are attacked at least once a day. The UAE followed India which reported almost twice as many attacks per day as any other country. 

A new report from IBM found that cyber attacks on businesses in the UAE and Saudi end up costing the victims around $6.53 million per attack, compared to the global average of $3.86 million.

The cost of data breaches had risen by 9.4% compared to the same time last year.

In the UAE and Saudi, data theft was a prime motivation for cybercriminals, with the average cost of a breach working out at $188 per stolen record, an 8.5% increase from the 2019 figures.

The report found that 59% of data breaches in the UAE and Saudi were as a result of malicious attacks, while 24% were due to system errors and 17% were down to human error.

According to a report produced by UAE-based cybersecurity firm Dark Matter, breaches in the Middle East are “widespread, frequently undetected, and increasingly appear to be state-sponsored motivated by “espionage and then sabotage, targeting industries such as oil and gas, energy, and shipping.

Read: 5 principles of cyber hygiene

Instances of data breaches in the region

In January, Cisco Talos disclosed the details of a new Remote Access Trojan (RAT) and named it “JhoneRAT.” The malware dropped to the victims via malicious Microsoft Office documents, attempts to gather information on the target’s machine and then uses multiple cloud services such as Google Drive, Twitter, and ImgBB. The particular RAT was attempting to target a specific set of Arabic-speaking countries like Saudi Oman, the UAE, and Bahrain.

Saudi Arabian authorities reported that data-wiping malware dubbed “DUSTMAN” hit a regional enterprise, later reported being BAPCO, Bahrain’s national oil company. DUSTMAN was “detonated” on Dec. 29. 

Previously unknown hacking tools targeted transportation and shipping organizations based in Kuwait between May and June last year, according to Unit 42, the global threat intelligence team at Palo Alto Networks.

The cyberattack campaign was likely related to activity also targeting Kuwait between July and December 2018. 

Dalil, a popular communications app in Saudi Arabia and the biggest phone directory in the kingdom suffered in March 2019 a data breach affecting more than 5 million users. White-hat hackers were able to access millions of customer data without the need or authentication, evidence of the weakness of the company’s data security and privacy measures.

The UAE’s telecoms regulator recorded an 11% monthly rise in cyber attack attempts against the country’s federal government entities in March this year.

More than 34,930 attempts were stopped and 59% of the cases were related to malware, 34% were attempts to exploit systems and more than 6% were phishing attempts.

As many as 82% of organizations in the UAE faced at least one cyberattack in 2019, while 51% reported multiple incidents, research by cybersecurity and compliance firm Proofpoint revealed.

Account compromise led cyberattack methods in the UAE in 2019, impacting 28% of the companies surveyed, followed by credential phishing (20%) and insider threats (17%).

Reuters reported said Saudi has been the target of frequent cyberattacks, including the “Shamoon” virus, which cripples computers by wiping their disks and has hit both government ministries and petrochemical firms, the latest of these was in 2017.

Aramco, which pumps 10% of global oil supply, experienced its largest cyberattack to date in August 2012, when a Shamoon virus attack damaged around 30,000 computers.

Hackers accessed the names, email addresses, phone numbers, and trip data of anyone who signed up for Careem prior to January 14 numbering 14 million riders and 558,800 drivers.