UAE

Life and Living

World

Opinion

Business

Sports

Entertainment

Dubai World Cup

lifestyle

Travel

Reviews

Brands

Supplements

KT Events

KT APPDOWNLOAD

Being 'smart' also means prone to attacks

Top Stories

Embracing the bright side: A guide on how to cultivate optimism

The power of solitude: Why you should go on a solo trip

How to get your kids to read: Essential tips for parents
Being smart also means prone to attacks

GCC countries face increasingly sophisticated threats from cyber criminals, security experts warn.

by

Bernd Debusmann Jr.
  • Follow us on
  • google-news
  • whatsapp
  • telegram

Published: Sun 25 Oct 2015, 12:00 AM

Last updated: Sun 25 Oct 2015, 3:42 PM

The ever-increasing connectivity of the Middle Eastern countries, especially the UAE, means a higher risk of cyber attacks on an ever-wider range of targets, according to security experts.
Most analysts, speaking at last week's Gitex Technology Week in Dubai, were in agreement in saying that the concept of a high-tech "smart" nation poses a security risk that must be addressed because increased digitisation also means more opportunities for cyber criminals to gain access.
A recent threat report from F5 Networks, for example, found that more than half the UAE companies surveyed for a study had faced "distributed denial of service attacks" that took down their networks, often for several days.
Of these, 31 per cent said that the cost of recovery is between $20 and $30 million, with another 34 per cent estimating their recovery costs at $10 to $20 million.
Similarly, another security company, FireEye, found that the region - and the countries of the Gulf Corporation Council (GCC) in particular - ranks high on the list of targets.
"What we've seen is significant growth in the number and frequency of attacks in this region," said Darren Gale, FireEye's network and forensic tools lead for Europe, the Middle East and Africa.
"In terms of the density of commercial and government organisations, relatively speaking (the UAE) is definitely under attack, from a broad spectrum of entities."
The threats, Gale said, range from highly sophisticated cyber criminal groups to "hacktivists" and state-sponsored groups.
"Clearly, the economy here is driven by certain industries like financial services, and that presents an attractive target for some of the more sophisticated crime groups," he noted. In terms of potential cyber attack targets, Gale said that anything from oil and gas infrastructure to government ministries - even educational institutions facilities - might find themselves under assault. "The motivation is to gain access to the investments that those organisations have made in terms of information technology infrastructure, and to use that infrastructure to then launch attacks to other third parties."
Vulne rable sectors
Some security specialists noted that healthcare systems might be subject to cyber attacks, as they become more reliant on Internet-based technologies.
"In healthcare, you (can use the Internet) to consult patient dossiers remotely, or you can have a look at their history," said Vincent Lavergne, the director of Field System Engineering for EMEA South. "In healthcare you see more and more devices, which help the industry to be more efficient and professional, or to have information, like from a (smart) watch for alerts." "But these devices are not secure," he added. "We've started to see the impact of connected objects on several types of customers. Yes, it's changing the industry, but it's also having a big impact on infrastructure that consumes data and analytics. Security is a big concern."
Additionally, as oil and gas companies increasingly turn towards automated, remotely controlled systems, many analysts fear that they may be compromised, disrupted - or even crippled - by a cyber attack. Such concerns were highlighted regionally in 2012, when a virus hit 30,000 computers belonging to the world's largest oil company, Saudi Aramco, which replaced important files with images of burning American flags and deleted vast amounts of data.
It took two weeks for technicians to fully repair the system and caused damages of about $15 million. "Historically, there's been a clear segregation between information technology and operational technology. The physical infrastructure of industrial controls...has been segregated and run by a different team than IT," Gale said.
"But big data and digitisation projects have prompted organisations to open those networks to one another. That has increased the attack surface and presented a significant increase in opportunity for threat actors to gain access to those entities," he added.
According to experts, modernisation must go hand in hand with better security. Lavergne said: "Look at connected cars. It has nothing to do with smart cities, but in some ways it's the same principle. "There are different techniques that have been used to stop a car remotely, or to drive one. It's the same principle as in war. There's a weapon, and there will be a defence of the weapon," he added.
"The type and sophistication of attacks has increased, and we need to adopt the model of how to defend it. It's not easy."
bernd@khaleejtimes.com

Getty Images


Vincent Lavergne. Supplied photo
Vincent Lavergne. Supplied photo
Darren Gale.
Darren Gale.
Bernd Debusmann Jr.

More news from