As the world races to new and more advanced technology, we open ourselves up to different cyber threats. The cybersecurity infrastructure of an organization needs to be made a priority to ensure that the modern landscape we create remains safe for everyone.
Around the world, more governments are beginning to see the effects of cyber-attacks and are trying to instill a better understanding of cybersecurity practices for citizens. The UAE is no stranger to this as the country’s cybersecurity has now taken a central focus.
A Warning from the UAE Cybersecurity Council to Public and Private Sectors
Recently, the Cybersecurity Council of the United Arab Emirates advised private and public sectors alike to be more cautious to avoid the risk of cyber-attacks. The council also asked that a cyber emergency response system be put into place in cooperation with the authorities to share data and proactively prevent malicious attacks.
This comes after fears that threat actors may target national digital infrastructure and assets. Dr. Mohamed Al Kuwaiti, the Head of Cybersecurity for the government, revealed in a statement that the banking, financial, health, oil, and gas sectors are the most targeted sectors. He also noted that all these cyber-attacks are countered proactively and efficiently to protect the country’s digital sphere.
The importance of cyber hygiene practices was also stressed by the council. Organizations are encouraged to activate protection systems and cybersecurity policies while informing the authorities immediately about any suspicious cyber activity.
The United Arab Emirates has already taken to setting up legislature and practices to ensure secure digital transformation in the country.
Cybersecurity in the UAE
The United Arab Emirates is no stranger to taking charge in terms of cybersecurity. Al Kuwaiti also revealed that the UAE Cybersecurity Council works with its partners to prevent 50 000 cyber-attacks each day against the government’s infrastructure.
Ransomware attacks have plagued the country for a while. In 2021, it was reported that numerous businesses paid more than US$ 1,4 million in ransom - with 42% of them having to close down after the incident and 90% being attacked again.
The UAE cybersecurity chief went on the comment that at the start of 2023, ransomware attacks in the UAE have declined by more than 70% compared to the same time last year.
Al Kuwaiti stressed that the world was facing a “cyber pandemic” - a term he had previously used in November. While he admitted that the world was caught off-guard in terms of cybersecurity during the onset of the Covid-19 pandemic, he says that lessons have now been learned and we should all be better prepared to fend off bad actors in cyberspace.
This pandemic is not something bad; it is an opportunity that we actually need to leverage so we can innovate to build resilience against future challenges.Dr. Mohamed Al Kuwaiti, Head of Cybersecurity in the government of UAE
The country saw a 190% increase in cyber-attacks after the shift to remote working environments and experienced more than 15.8 million brute force attacks on Remote Desktop Protocols (RDP) in 2020.
He warned that remote working and online learning are set to continue which means that cybersecurity threats will always be present. According to the cybersecurity chief, organizations and individuals alike need to remain vigilant.
The UAE Cybersecurity Council tackles cyber-attacks in line with the country’s information security standards and policies. Al Kuwaiti has also confirmed before that the UAE has invested in advanced digital infrastructure and cybersecurity tools to effectively mitigate cyber-attacks targeting critical government authorities.
According to the Global Cybersecurity Index 2020 report, the UAE is ranked fifth worldwide in the Global Cybersecurity Index of the International Telecommunication Union of the United Nations. The report measured 193 countries for their cybersecurity infrastructure in terms of:
- Legal measures
- Technical measures
- Organizational measures
- Capacity development measures
- Cooperation measures
With each pillar weighing 20 points, the UAE achieved a total score of 98.06 out of 100 with full scores in terms of legal measures, capacity development, and cooperative measures. This was a huge jump in its rank from 33rd in the 2019 report and the country now shares its position jointly with Russia and Malaysia.
Al Kuwaiti told The National that while the move towards technology is great for humanity, services, and communities, it also presents certain risks.
However, the country’s cybersecurity chief is adamant that the UAE will emerge successful in the fight against cyber threats. “The UAE is at the forefront of creating a state-of-the-art and secure digital infrastructure to help drive the country’s digital economy growth,” said Al Kuwaiti.
He went on the share that the Cybersecurity Council is determined to build a system that protects all vital sectors in the country – adding that continued partnerships and resilient digital security will strengthen the UAE’s leading position globally in various fields.
Recent Cyber-Attacks in the UAE
The United Arab Emirates is no stranger to digital threats. We’ve put together a short list of some of the cyber-attacks the country has faced in the past.
In 2019, the Cheers Exhibition company was the victim of an elaborate phishing attack. The company builds and installs exhibitions for different organizations and has been on the market for years.
Binu Manaf, Cheers Exhibition's CEO and managing director, revealed that a cybercriminal hacked his firm’s email and used a spoofed email to bait its client into wiring funds into an overseas bank.
The company only realized that the server had been hacked after one of the clients called them on the phone to ask what it was about. The hacker had been scouring through correspondence containing details of ongoing contracts and outstanding payments and was able to take control of the company’s website.
Unfortunately, by the time the company figured out what was happening, the hackers had already gotten another client to transfer over US$ 53,000 overseas.
Careem Data Breach
Careem, the ride-hailing company based in Dubai, revealed that it was the victim of a cyber-attack in 2018. The company is a subsidiary of Uber and offers lifts or food delivery options.
The hackers gained access to the company’s data storage system for 14 million riders and 558,800 drivers. They included email addresses, phone numbers, and trip histories. Fortunately, password and credit card information could not be taken as they were encrypted.
The company assured that it takes the protection of customer and driver data very seriously and that no evidence of fraud or misuse from the stolen data has been seen.
UAE Invest Bank
The UAE Invest Bank was breached in 2015 by someone named Hacker Buba who demanded US$3 million in bitcoin. The hacker broke into the bank system and stole transaction data, credit card numbers, and authorization codes.
The bank openly rejected the ransom offer and the hacker subsequently published the stolen data on Twitter. The hacker also tried to convince the editor of the reporting Dubai newspaper to help in convincing the bank to pay the ransom – promising the editor 5% of the received amount.
Fortunately, there was no financial loss from the cyber-attack.
Moorfields Eye Hospitals
One of the oldest centers for treating, teaching, and researching ophthalmology had its UAE branch hacked in 2021. The Dubai Moorfields Eye Hospital was the victim of a cyber-attack. The hackers went on to steal 60GB of data that included copies of ID cards, insurance claim forms, accounting documents, hospital call logs, internal memos, and more.
Ransomware group, AvosLocker, claimed responsibility for the attack. The hacking group either sent an email or an ad with the malware and then later proceeded to encrypt the data. The hospital went on to contact all the affected patients.
Image source: https://securityreport.com/
Naturally, all these cyber-attacks have made the UAE more cautious and encouraged people globally to take cybersecurity more seriously. To do that, you have to arm yourself with the right tools and services.
Sangfor Security Solutions
Sangfor Technologies is a leading cybersecurity and cloud infrastructure provider. The range of advanced and integrated platforms and services offered by Sangfor will ensure that your organization – whether big or small – remains protected.
Sangfor offers a variety of tools to boost your cybersecurity posture – including:
Sangfor’s Next-Generation Firewall
The Sangfor Next Generation Firewall (NGFW) is used in conjunction with Endpoint Security to identify malicious files at both the network level and endpoints.
The advanced firewall is a security device designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network.
Anything that the on-premises features cannot analyze is automatically sent to the cloud-based Neural-X sandbox for isolation and critical inspection.
Sangfor’s Endpoint Secure (EDR)
This advanced Endpoint Secure technology provides integrated protection against malware infections and APT breaches across your entire organization's network – all with ease of management, operation, and maintenance.
Sangfor’s Cyber Command Platform
Finally, this Network Detection and Response (NDR) platform monitors for malware, residual security events, and future potential compromises in your network and is coupled with our advanced Threat Intelligence technology and an enhanced AI algorithm that can keep you updated on any vulnerabilities detected.
Sangfor’s astounding capabilities have its reach in the UAE as well. Watch this interview with Mr. Jatin Doshi of Spollex Distribution who has partnered with Sangfor in Dubai for the last 2 years. The company made use of Sangfor’s efficient Next-Generation Firewall.
Additionally, read the success story of another client of Sangfor’s based in the UAE who also made use of Sangfor’s Hyper-Converged Infrastructure (HCI) and Internet Access Gateway (IAG) solution.
Make the smart choice for your company and choose Sangfor for a proactive approach to cybersecurity that will keep your network safe.
For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.