Organisations must fight cybercrime with new tech tools

Several intelligence agencies worldwide are now exploring the adoption of AI to counter cyber threats.

IT security teams across the UAE have to focus on having a cybersecurity plan that makes use of the latest in technology such as Artificial Intelligence (AI) to protect against cyberattacks.
New research by the Dubai Future Foundation (DFF), in its 11th 'Life After Covid-19' report, identified a surge in cyberattacks worldwide following the outbreak of the pandemic and the growing dependence on digital infrastructures. The report attributes the rise in cyberattacks amid the global outbreak to the increased vulnerability of digital infrastructures to opportunistic hackers looking to exploit this digital dependency, even while IT departments and IT security teams continue to work remotely.
The report highlighted how new technologies are being leveraged continuously to keep cybersecurity platforms. Several intelligence agencies worldwide are now exploring the adoption of AI to counter cyber threats. Machine learning is also a powerful solution to analyse data sets and identify patterns and connections in attacks at far greater speed than intelligence officers can do through conventional means.
For the short term, the report noted that government entities may consider implementing AI-based cybersecurity systems to provide ongoing analyses of cyber threats and potential attacks. In the long term, the report anticipates that as technology advances, cybercriminals and their attacks will become more sophisticated and difficult to combat. Quantum computing will ultimately become a critical factor in cyber security to help analyze and repel attacks within seconds.
Data published in the report showed that phishing e-mails alone have increased by over 600 per cent since February, with attackers targeting individuals and institutions through e-mail hacking and suspicious links, seeking to acquire log-in details and financial information. During the first week of April alone, Google blocked 18 million phishing e-mails on its platforms.
Mimecast's fourth annual 'State of E-mail Security 2020' report, revealed that 77 per cent of global respondents say that they have or are actively rolling out a cyber resilience strategy. In the UAE, 80 per cent of respondents are doing the same. Yet, 60 per cent of respondents in the UAE, and globally, believe it is inevitable or likely they will suffer from an e-mail-borne attack in the coming year. UAE respondents cite data loss, a decrease in employee productivity, and business downtime due to a lack of cyber resilience preparedness.
"We're seeing the same threats that organisations have faced for years playing out with tactics matched to world events to evade detection. The increases in remote working due to the global pandemic have only amplified the risks businesses face from these threats, making the need for effective cyber resilience essential," said Joshua Douglas, vice president of threat intelligence at Mimecast. "It's likely that cyber resilience strategies are lacking key elements, or don't have any at all, depending on the organisation's maturity in cybersecurity. Security leaders need to invest in a strategy that builds resilience moving at the same pace as digital transformation."
According to the Dubai Future Foundation, the healthcare sector is among the most vulnerable to cyberattacks in the prevailing landscape, with hospitals, medical centers and public institutions being the target of ransomware attacks. Cybercriminals are using the health crisis as an opportunity to sell fake medical supplies and promoting sales of bogus or non-existent medical products.
In addition, the financial and oil sectors are also vulnerable and incurring huge losses from cybercrimes. Several oil companies have been targets of phishing e-mails, purportedly sent on behalf of a real oil and gas company. In most cases, the hackers are looking to acquire personal or sensitive data on individuals and oil production, information they can then sell on the dark web. Although phishing is one of the cheaper and easier forms of cyber-crime, there have been other types of cyber-attacks. For example, cyber-criminals have also created more than 100,000 new Covid-19 web domains in an effort to trick individuals into giving out their personal data.
- rohma@khaleejtimes.com