The country also stresses the need to ensure the safe and unhindered flow of humanitarian aid and delivery of life-saving supplies
uae16 hours ago
Government, manufacturing, energy and telecom industries in the UAE and the Middle East are more likely to be targeted by cyber attacks. These groups penetrate using carefully planned multi-stage attacks aimed at specific economic sectors, a new study has revealed.
Released by Positive Technologies on Wednesday, the study revealed that the military-industrial complex, finance, mass media, IT and science and education were the other sectors that were mostly targeted by the cybercrime group.
Among the countries, Saudi Arabia, UAE, Israel, Jordan, Egypt, Kuwait and Lebanon were mainly targeted by the group through phishing emails and exploited vulnerabilities in public-facing applications.
Yana Avezova, a senior analyst with the Positive Technologies research team, said an overwhelming majority of groups active in the Middle East attacked governments and industry at least once. “It is worth noting that government agencies were the most attractive targets for all malicious actors in 2022–2023. These accounted for 22 per cent of total attacks on organisations in the Middle East,” said Avezova.
According to the report, two of the five most-attacked sectors, targeted by half of all groups, were telecommunications and the military-industrial complex.
Compared with other regions of the world, the study said Middle Eastern media, too, have often found themselves a target of cyberattacks and historically have ranked high on the list.
“Complex, targeted attacks begin with reconnaissance. Attackers may conduct extensive network scanning to identify suitable targets. This gives them enough information for the initial stage of penetration. The information may include a list of applications installed on the target server and its versions containing known vulnerabilities. After reconnaissance comes the preparation of tools for the attacks. Cybercriminals may register fake domains and create email or social media accounts for spear phishing,” said Alexander Badaev, an information security threat researcher at Positive Technologies Expert Security Centre.
According to Badayev, after successfully gaining initial access, the attackers seek to establish a foothold in the infrastructure. To do this, 69 per cent of groups leveraged the task scheduler, an OS component that runs applications or scripts at a predefined time or in response to a certain event, as in the case of a campaign that targeted the UAE government, where a group named OilRig created a MicrosoftEdgeUpdateService scheduled task that ran every five minutes, launching malware. Most attackers – 56 per cent – configured malware to auto-run. A third of groups – 31 per cent – gained a foothold in victim companies' systems by setting up malware to run on a certain event, said the report.
ALSO READ:
The country also stresses the need to ensure the safe and unhindered flow of humanitarian aid and delivery of life-saving supplies
uae16 hours ago
Being built on an island of almost 62 hectares, the resort will have 20 restaurants, some of which will be helmed by top chefs from worldwide
uae16 hours ago
He said that his son Rohan, a pilot, often jokes about the reactions he gets when making announcements as the First Officer
uae17 hours ago
The parents empasised that their relationship with their children has grown stronger and more affectionate since the incident
uae17 hours ago
Regulations will be applied across public buildings, streets, parks, beaches, private spaces, among others, and violators shall be granted a grace period to adjust their lighting accordingly
uae18 hours ago
The government authority announced the road closure on social media platform X
uae19 hours ago
The president of the Union of Arab Chambers underlined the need for reskilling the workforce to counter job losses due to automation
uae20 hours ago
The situation has raised concerns within the Ministry of Civil Aviation, which is closely monitoring the developments
uae21 hours ago