Since last month, many residents have resorted to expensive alternatives like taxis, while others endure significantly longer travel times
Government, manufacturing, energy and telecom industries in the UAE and the Middle East are more likely to be targeted by cyber attacks. These groups penetrate using carefully planned multi-stage attacks aimed at specific economic sectors, a new study has revealed.
Released by Positive Technologies on Wednesday, the study revealed that the military-industrial complex, finance, mass media, IT and science and education were the other sectors that were mostly targeted by the cybercrime group.
Among the countries, Saudi Arabia, UAE, Israel, Jordan, Egypt, Kuwait and Lebanon were mainly targeted by the group through phishing emails and exploited vulnerabilities in public-facing applications.
Yana Avezova, a senior analyst with the Positive Technologies research team, said an overwhelming majority of groups active in the Middle East attacked governments and industry at least once. “It is worth noting that government agencies were the most attractive targets for all malicious actors in 2022–2023. These accounted for 22 per cent of total attacks on organisations in the Middle East,” said Avezova.
According to the report, two of the five most-attacked sectors, targeted by half of all groups, were telecommunications and the military-industrial complex.
Compared with other regions of the world, the study said Middle Eastern media, too, have often found themselves a target of cyberattacks and historically have ranked high on the list.
“Complex, targeted attacks begin with reconnaissance. Attackers may conduct extensive network scanning to identify suitable targets. This gives them enough information for the initial stage of penetration. The information may include a list of applications installed on the target server and its versions containing known vulnerabilities. After reconnaissance comes the preparation of tools for the attacks. Cybercriminals may register fake domains and create email or social media accounts for spear phishing,” said Alexander Badaev, an information security threat researcher at Positive Technologies Expert Security Centre.
According to Badayev, after successfully gaining initial access, the attackers seek to establish a foothold in the infrastructure. To do this, 69 per cent of groups leveraged the task scheduler, an OS component that runs applications or scripts at a predefined time or in response to a certain event, as in the case of a campaign that targeted the UAE government, where a group named OilRig created a MicrosoftEdgeUpdateService scheduled task that ran every five minutes, launching malware. Most attackers – 56 per cent – configured malware to auto-run. A third of groups – 31 per cent – gained a foothold in victim companies' systems by setting up malware to run on a certain event, said the report.
ALSO READ:
Since last month, many residents have resorted to expensive alternatives like taxis, while others endure significantly longer travel times
In authorised school buses, drivers and nannies are trained to conduct thorough checks of the bus before locking and leaving it
The trial, the first-of-its-kind in the region, involved a small-sized drone, which can carry two passengers for up to 35km
The mission urged them to avoid crowded places and follow safety instructions
The country also stresses the need to ensure the safe and unhindered flow of humanitarian aid and delivery of life-saving supplies
Being built on an island of almost 62 hectares, the resort will have 20 restaurants, some of which will be helmed by top chefs from worldwide
He said that his son Rohan, a pilot, often jokes about the reactions he gets when making announcements as the First Officer
The parents empasised that their relationship with their children has grown stronger and more affectionate since the incident