Middle East faced wave of cybersecurity threats since start of pandemic - Arab News





RIYADH: Since the start of the pandemic, Kaspersky, a global cybersecurity firm, has discovered a wave of advanced threat campaigns targeting the Middle East.


An advanced persistent threat (APT) is an attack campaign in which intruders establish an illicit, long-term presence on a network to mine highly sensitive data. The targets, which are carefully chosen and researched, typically include large enterprises or government networks.


The region has always been a hotbed for such attacks due to geopolitical factors.


Kaspersky researchers, keeping a close eye on the region for APTs, worked on 68 investigative reports related to 29 cyber gangs actively targeting the Middle East since the start of the pandemic.


The researchers issued 49 threat intelligence reports stemming from investigations into cyberattacks on the UAE, the highest number of reports for any Middle Eastern country.


The second highest was Saudi Arabia with 39 reports, followed by Egypt with 30. Kuwait and Oman had 21 each, while Jordan had 20. Iraq, Qatar and Bahrain had fewer than 20 reports each.


APT attacks primarily targeted government agencies, followed by diplomatic institutions, the education sector, and telecommunication institutions. Other targeted sectors included finance, IT, healthcare, legal, military, and defense.


Some of the APT groups investigated were Oilrig, WIRTE, Lazarus, and Sofacy.


Fatemah Alharbi, a cybersecurity expert and assistant professor at Taibah University, told Arab News: “PowerShell-based malware are utilized by advanced cyberattacks targeting critical infrastructures in Saudi Arabia.”


She said these cybercriminals were sending phishing emails that contained malicious Microsoft Office files impersonating legitimate entities.


To pass the firewall and the email protection techniques, she explained, these rigged files were protected by passwords and compressed as zip files.


“This approach facilitates the mission of these cybercriminals to take ..
