Connect with us

News

UAE Second Most Targeted Country in MEA for Ransomware

Published

on

Cyber criminals revealed new levels of ambition in 2016 – a year marked by extraordinary attacks, including multi-million dollar virtual bank heists and overt attempts to sabotage organizations by state-sponsored groups including Shamoon, and record-breaking DDoS attacks that were carried out by infecting IoT devices, according to Symantec’s (Nasdaq: SYMC) Internet Security Threat Report (ISTR), Volume 22.

“New sophistication and innovation are the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus,” said Hussam Sidani, Regional Manager for Gulf, Symantec. “The world has seen specific nation states doubling down on political manipulation and straight sabotage. In the Middle East, we saw Shamoon putting the Kingdom on high alert again after attacks were uncovered late 2016. Meanwhile, cyber criminals caused unprecedented levels of disruption by focusing their exploits on relatively simple IT tools, unsecured IoT devices and cloud services.”

timeline

The UAE’s 2016 Internet Security Threat Profile improved with its world ranking dropping from 41 in 2015 to 51 in 2016. In the Middle East and Africa, UAE improved its regional standing, dropping to 10th place compared to 6th the previous year. This shift indicates a lower global percentage of source-based security threats, including malicious code, spam, phishing hosts, web and network attacks, and bots originating in the country. However, the country was heavily targeted for ransomware, the second highest in the Middle East and Africa region, and representing about 0.5 percent of all global detections.

“UAE has taken commendable measures at federal, public and private levels to solidify cybersecurity in the country. Furthermore, various entities have made efforts to identify and foster future cybersecurity specialists, and there is also a growing awareness about cyberthreats in the weakest link in the chain – the end user or consumer,” added Sidani.

Symantec’s ISTR provides a comprehensive view of the threat landscape, including insights into global threat activity, cyber criminal trends and motivations for attackers. Key highlights include:

Subversion and Sabotage Attacks Emerge at the Forefront
Cyber criminals are executing politically devastating attacks in a move to undermine a new class of targets. Cyber attacks against the U.S. Democratic Party and the subsequent leak of stolen information reflect a trend toward criminals employing highly-publicized, overt campaigns designed to destabilize and disrupt targeted organizations and countries. While cyber attacks involving sabotage have traditionally been quite rare, the perceived success of several campaigns – including the U.S. election and Shamoon – point to a growing trend to criminals attempting to influence politics and sow discord in other countries.

The Increasing Threat Of Ransomware
Ransomware continued to escalate as a global problem and a lucrative business for criminals. Symantec identified over 100 new malware families released into the wild, more than triple the amount seen previously, and a 36 percent increase in ransomware attacks worldwide.

In the Middle East and Africa, UAE was the second most targeted company (after Saudi Arabia) for ransomware attacks, up two spots from 2015. Furthermore, the UAE ranked 26th globally for ransomware attacks, Saudi Arabia was the 20th most targeted country, and United States ranked first. Symantec found 30 percent of UAE ransomware victims are willing to pay a ransom, compared to 34 percent globally.

Adversely, 64 percent of Americans victims are prepared to pay a ransom. Consequently, in 2016 the global average ransom spiked 266 percent with criminals demanding an average of $1,077 per victim up from $294 as reported for the previous year.

Nation States Chase the Big Scores
A new breed of attackers revealed major financial ambitions, which may be an exercise to help fund other covert and subversive activities. Today, the largest heists are carried out virtually, with billions of dollars stolen by cyber criminals. While some of these attacks are the work of organized criminal gangs, for the first time nation states appear to be involved as well. Symantec uncovered evidence linking North Korea to attacks on banks in Bangladesh, Vietnam, Ecuador and Poland.

“This was an incredibly audacious hack as well as the first time we observed strong indications of nation state involvement in financial cyber crime,” said SidaniWhile their sights were set even higher, the attackers stole at least US$94 million.”

Attackers Weaponize Commonly Used Software; Email Becomes the Weapon of Choice
In 2016, Symantec saw cyber criminals use PowerShell, a common scripting language installed on PCs, and Microsoft Office files as weapons. While system administrators may use these common IT tools for daily management tasks, cyber criminals increasingly used this combination for their campaigns as it leaves a lighter footprint and offers the ability to hide in plain sight. Due to the widespread use of PowerShell by attackers, 95 percent of PowerShell files seen by Symantec in the wild were malicious.

The use of email as an infection point also rose, becoming a weapon of choice for cyber criminals and a dangerous threat to users. Symantec found one in 136 emails in the UAE contained a malicious link or attachment. Large enterprises (more than 2,501 employees) in the country received the most emails containing malware and phishing, while small enterprises (less than 250 employees) received the most spam. Cybercriminals attack large companies given the bigger user and asset base, which makes them a more lucrative victim given the multiple attack vectors. Additionally, the services industry was the most affected by malicious emails in the UAE (one in 53 emails), while 57 percent of all emails received by organizations were identified as spam, higher than the global average.

Cracks in the Cloud: The Next Frontier for Cyber Crime is Upon Us
A growing reliance on cloud services has left organizations open to attacks. Tens of thousands of cloud databases from a single provider were hijacked and held for ransom in 2016 after users left outdated databases open on the internet without authentication turned on.

Cloud security continues to challenge CIOs. According to Symantec data, CIOs have lost track of how many cloud apps are used inside their organizations. When asked, most assume their organizations use up to 40 cloud apps when in reality the number nears 1,000. This disparity can lead to a lack of policies and procedures for how employees access cloud services, which in turn makes cloud apps riskier. These cracks found in the cloud are taking shape. Symantec predicts that unless CIOs get a firmer grip on the cloud apps used inside their organizations, they will see a shift in how threats enter their environment.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

Global Tech Glitch Grounds Flights, Disrupts Businesses

Published

on

Reporting from Chennai, India: A major tech issue on Friday caused widespread disruptions around the world, impacting airlines, banks, media companies, and numerous businesses. The root cause appears to be a configuration change within Microsoft Azure, the company’s cloud computing platform.

This change led to a breakdown in communication between storage and computing resources, ultimately causing connectivity failures for Microsoft 365 services. The most visible symptom for many users was the dreaded Blue Screen of Death (BSOD) on Windows 10 machines, rendering them unusable.

Social media reports documented the issue spreading rapidly across the globe, affecting users in the United States, India, and other countries. Banks, supermarkets, and media companies all reported problems, with some TV and radio studios even going offline.

The fallout was particularly severe for airlines. Check-in systems failed at major carriers in India, including IndiGo, Akasa, and SpiceJet. Similar disruptions were reported at airports worldwide, with Delhi’s Indira Gandhi International Airport, Sydney Airport, and Berlin Airport experiencing delays and cancellations. While Microsoft quickly resolved the Azure issue, airlines are still working to address the knock-on effects and get passengers back on track.

Fortunately, not all businesses were impacted. India’s stock exchanges, BSE and NSE, reported normal operations as they rely minimally on Microsoft applications.

While the exact cause of the grounding orders issued by major US carriers like American Airlines, Delta Airlines, and United Airlines remains unclear, it happened just after Microsoft resolved the Azure outage. Other airlines, including UAL and Allegiant Air, also grounded flights out of caution.

The global ripple effects extended to Singapore Airlines, where technical difficulties impacted their service centre and reservation hotlines. Thankfully, their flights continued to operate as scheduled. Passengers are advised to contact their airlines directly for the latest flight information as airports work through the backlog caused by this tech glitch.

Continue Reading

Gadgets

HONOR Unveils AI-Powered HONOR 200 Series at Dubai Launch Event

Published

on

HONOR unveiled its highly anticipated HONOR 200 Series at a spectacular launch event recently. The series boasts two new smartphones, the HONOR 200 Pro and HONOR 200, designed to revolutionize smartphone photography with advanced AI features.

The launch event, themed “HONOR AI World,” showcased the power of AI in portrait photography. Guests experienced interactive zones and a dedicated shooting booth, highlighting the HONOR 200 Series’ innovative camera capabilities. HONOR executives highlighted the brand’s impressive regional growth, boasting a 154% year-over-year revenue surge in 2023 and a strong 90% growth in the first half of 2024. Notably, the premium segment witnessed a remarkable 544% growth, reflecting HONOR’s strategic expansion and growing consumer preference.

The event also featured Dr. Ghalib Al Shammari, Chairman of The Saudi Society for Artificial Intelligence and Smart Systems. He shared his vision for AI’s transformative impact on society, aligning perfectly with HONOR’s mission to create a new intelligent world.

Features of the HONOR 200 Series include:

  1. Triple 50MP AI Portrait Camera: Capture exceptional detail and clarity with a powerful camera system featuring three 50MP lenses (main, telephoto, and selfie).
  2. Blazing-Fast Charging: The HONOR 200 Pro boasts the revolutionary 100W HONOR SuperCharge, allowing a full charge in just 41 minutes. Additionally, the Pro version offers 66W Wireless HONOR SuperCharge for ultimate convenience.
  3. Unmatched Performance: Equipped with the cutting-edge Snapdragon 8s Gen 3 AI Chipset, the HONOR 200 Series delivers seamless graphics and real-time responsiveness.
  4. Intelligent User Experience: MagicOS 8.0 empowers users with a range of AI-powered features, including AI-empowered Magic Portal, Magic Capsule, and Magic Ring (on the Pro version) for streamlined digital interactions.
  5. Eye-Catching Design and Comfort: The HONOR 200 Pro features a sleek, nature-inspired design and comes in three stunning colours: Ocean Cyan, Moonlight White, and Black. Additionally, the HONOR 200 boasts a 0-Risk AI Eye Comfort Display, minimizing eye strain with advanced technologies.
  6. Powerful New Tablet: HONOR also showcased its latest tablet during the event, featuring a large 11-inch display, long-lasting battery, and ample storage.

The HONOR 200 Pro is available for pre-order at AED 2499 with exciting free gifts worth AED 1696, including a HONOR CHOICE Watch, Earbuds, Backpack, and 12-month screen protection. The HONOR 200 comes in Moonlight White, Emerald Green, and Black, with prices starting at AED 1599 (12GB+256GB version). Purchases include free gifts worth AED 1496, including HONOR CHOICE Earbuds, MOECEN Band, Backpack, and 12-month screen protection.

This launch marks a significant step forward for HONOR, solidifying its position as a leader in AI-powered smartphone technology.

Continue Reading

Apps

WhatsApp Now Transcribes Voice Messages on Android

Published

on

Calling all Android users who dread lengthy voice messages: rejoice! WhatsApp is rolling out voice message transcription to its beta app.

This feature, already available for iOS users since May 2024, is now part of the WhatsApp Beta version 2.24.15.5 for Android. It automatically converts voice messages into text, making it easier and faster to understand conversations.

Currently, transcriptions are supported in five languages: English, Spanish, Portuguese (Brazil), Russian, and Hindi, with more languages promised in the future. Users opting in will need to download an additional data package to ensure all transcripts are generated directly on their devices, maintaining message privacy.

This update brings Android users closer to iOS users in terms of features and highlights WhatsApp’s commitment to improving the overall user experience.

Continue Reading
Advertisement

Latest Reviews

Follow us on Facebook