UAE businesses hit with growing wave of ransomware attacks

Dubai - Experts say that the cyber threat landscape across the UAE is constantly evolving, with attacks becoming more malicious and sophisticated

A growing number of organisations across the UAE have revealed that their businesses were disrupted, and that they ended up facing financial losses, as a result of a growing wave of cyberattacks, new research has shown.

According to the most recent Mimecast ‘The State of Email Security’ report, 78 per cent of businesses in the UAE indicated they had been impacted by ransomware in 2020, a massive increase from the 66 per cent of companies that reported such disruption in the previous year. Companies impacted by ransomware lost an average of six working days to system downtime, with 29 per cent of the companies in the UAE saying downtime lasted one week or more.

The report also showed how deadly the attacks were, with 43 per cent of ransomware victims saying that they paid the ransom demands, but only 44 per cent of those were able to recover their data. Also, 56 per cent said that they never saw their data again, despite paying the ransom.

Despite facing an elevated threat volume, the report found that companies aren’t doing well in the area of threat prevention. A full 86 per cent of respondents indicated that their companies had experienced a business disruption, financial loss, or other setback in 2020 due to a lack of cyber preparedness – this is compared to 79 per cent globally.

In addition, 50 per cent of the respondents in the UAE said that employee naiveté about cybersecurity is one of their greatest vulnerabilities, and yet only one in five respondents indicated they have ongoing security awareness training in place. Given these factors, it is not surprising that 75 per cent of survey respondents in the UAE believe their business will be harmed by e-mail attacks in the next year, compared to the 60 per cent of respondents who said they felt this way in 2020.

Another recent survey by Kaspersky also hinted on how a lack of employee awareness is a major cause for concern. According to an analysis of cyberattacks in the UAE in 2020 by Kaspersky experts, users are more likely to face attacks from malware hidden within their devices. Such threats are classified as ‘local’, which means they are detected either on a user’s devices or on portable data storage devices, such as flash drives. In 2020, 32 per cent of Kaspersky private users and 24 per cent of all corporate users in UAE were attacked by such threats. In comparison, web attacks affected only 12 per cent and eight per cent, respectively.

Kaspersky also noted that there has been an increase in the sophistication of such threats – which may be hiding on the user’s device within a seemingly legitimate file for a while, to fly under the radar, and only strike later.

“The cyber threat landscape across the UAE is constantly evolving,” says Denis Parinov, a cybersecurity expert at Kaspersky. “A few years ago there were many more drive-by attacks – when different malicious software is downloaded and run while the user simply browses the Internet. Nowadays, most of the web-threats ‘stays in browser’: they specialize in content replacement, browser locking or clickjacking, online-skimming, and cookie stuffing. Now the situation when the user could download a malicious file directly is not too frequent. It’s more common for a malware to be disguised as something else to hide from the security solutions, remaining an unseen threat to users.”

Parinov however said that the good news is that modern security solutions are too advanced for such malware to fly below radar – it is more likely to be blocked either during the initial scan of the file by a security solution that happens by default, or within the very moment such programs attempt to launch.

rohma@khaleejtimes.com