Cyfirma, an external threat landscape management platform company, has introduced a range of external threat visibility platforms for Middle East-based businesses — signaling a move that’s poised to arm regional enterprises with the tools required to curb emerging and existing cyber threats.
According to research published in the Global Risks Report 2022, through the pandemic, ransomware attacks increased by 435 per cent, and malware attacks by 358 per cent. These attacks have been increasing at a pace where societies haven’t been able to keep up and prevent or respond to them effectively.
DeCYFIR is the world’s first external threat visibility management platform with the capabilities to combine cyber intelligence with attack surface discovery, vulnerability intelligence, brand intelligence, situational awareness and protection against digital risk – all on a single pane of glass. The platform automatically correlates and attributes threat actor to motive, campaign and method, and help organisations predict cyberattacks targeting them.
DeTCT is the cutting-edge digital risk protection platform helping customers identify and monitor for vulnerabilities and potential attack vectors, develop an awareness of data leaks and breaches as well as the risks posed by third parties. Businesses can also subscribe to DeTCT to protect their brand and reputation by detecting copyright infringement and identity theft.
Kumar Ritesh, founder and CEO at Cyfirma, said: "We started Cyfirma to ensure every organisation can see through the hacker’s lens. We wish to stay ahead of today's threats, businesses need to know how attackers view their targets. We use our expertise in AI, cyber-intelligence and offensive security to build DeCYFIR and DeTCT so defenders can discover gaps, assess risks, and improve their security posture, all by simply keying in their domain names into our platforms."
“There are a number of key drivers that are defining the current Middle East cyber threat landscape – the ongoing volatile geopolitical climate, rapid digitalization initiatives, and the upcoming FIFA World Cup. Through our platforms, we are seeing an increase in cyber activities targeting critical infrastructure, oil and gas vertical, essential services and many other industries. These are hot targets for cybercriminals seeking to either advance their political agenda or financial gain. Cyfirma's external threat landscape management platforms will give defenders the advantage of gaining deep insights into their adversaries and be better prepared to thwart attempts at intellectual property theft, corporate espionage, civil disruption and other malicious agendas."
Sudhanshu Saroha, director, Tech First Gulf, added: “We are truly excited about this collaboration and introducing this cutting-edge technology to businesses in the Middle East. Over the past two years, businesses in the Middle East have become more and more vulnerable to cyber threats, and we are hoping that this collaboration will be a game-changer across all industries. These two platforms will now enable security experts to promptly discover imminent gaps, assess potential risks, and significantly improve their security. This will ultimately lead to enhanced business performance, boost productivity and inspire innovation across key departments."
Cyber threats to keep an eye on
Cyberattacks targeting FIFA World Cup
Based on Cyfirma's research, multiple hacking campaigns have started to target organisations related to FIFA World Cup and its sponsor companies. Hacking groups behind these campaigns are observed to be carrying out reconnaissance activities in preparation for attacks in the coming months. Targets include World Cup organisers, ticket dealers, critical infrastructure, and entities involved in the supply chain ecosystem. As a part of the reconnaissance activities, hacking groups have identified assets to exploit. The threat actor activities include website defacement, disruption of critical services, and temporary paralysis of IT systems supporting the event. We can also expect multiple phishing campaigns where hackers would be masquerading as the World Cup organising committee to lure unsuspecting individuals into divulging sensitive and confidential data.
The number of ransomware attacks targeting the Middle East has been increasing year on year and Cyfirma researchers expect the rate and scale of attacks to increase in coming months. Ransomware operators are continuously improving their techniques with an intent to intimidate and force victims to pay ransom. Most ransomware gangs are financially motivated and eager for ransom settlements. Damaging the data has also been another flavour that is observed at the core of many malware attacks. There are cases where the returned files are altered, resulting in damages. In a double whammy, the ransomware attacks can destroy the victims’ data, and even after paying the ransom, some victims still end up losing their files. Large organisations with multinational presence and influential economic and societal footprints are attractive targets as a break in their complex supply chain ecosystem would cause significant disruption thereby increasing the possibilities of ransom payment.
Spread misinformation and disinformation to create a bad name for the UAE
Given the complexities of technological, economic and societal change that has taken place in the last two years, cyberthreats targeting the UAE have also included the spread of misinformation and disinformation. Created by adversaries that cuts across national boundaries, the objective here is to give the UAE a bad name, destabilise the group and advance other commercial and political goals.
Create operational disruption using DDoS and damaging equipment
The oil and gas industries are the lifeline of nations in the UAE. This industry is highly vulnerable to cyberthreats as hacking groups have set their sight to cause widespread disruption and obtain massive ransom payments. The use of DDoS attacks and injection of malware to damage equipment are also two prominent methods used by attackers.
Given the evolving threat landscape triggered by the pandemic, uneven economic recovery, hyperinflation, supply chain disruption, increase in oil prices, Russia-Ukraine war, and compounded by the highly fragmented and volatile situation in the Middle East, we expect added risk in the form of cyber and digital threats.
With the Middle East threat landscape becoming increasingly complex, many business leaders recognise they cannot manage the challenge using conventional cybersecurity strategies and controls. Cyfirma's external threat landscape management platforms will provide advanced threat monitoring and analytics to help defenders establish effective controls around the organisation’s most sensitive assets and balance the need to reduce risk while enabling business growth.