Dubai: Cyberattacks in the UAE skyrocketed by at least 250 per cent this year, mainly because many residents, schools and companies were not prepared for the ‘cyber life’ forced by COVID-19, a top official said during the Gulf Information Security Expo and Conference (GISEC) in Dubai on Sunday.
Speaking during a GISEC session, held alongside GITEX Technology Week, Dr Mohammad Hamad Al Kuwaiti, Head of Cyber Security, UAE Government, added that Iran was a main actor behind ‘ATPs’ (Advanced Persistent Attacks). He also said the recent UAE-Israel peace agreement “opened whole new attacks” against the UAE.
During the session, titled ‘Ai Resiliency During the Cyber Pandemic Era’, moderator Dan Murphy, a CNBC correspondent, noted how “UAE government data” showed a doubling of “cyber security incidents in the past year”. Dr Al Kuwaiti commented that this year, as schooling and work moved online, many people and entities in the UAE were not ready, in terms of both infrastructure and culture, for this cyber life. As a result, it opened many vulnerabilities in devices and networks for attackers to exploit, he added.
Read more
Top attacks
“We saw a huge increase in many of those attacks … at least a 250 per cent increase in such attacks as we saw it here in the UAE, in many of those sectors. The financial sector was one of the most attacked, as well as even the health sector,” Dr Al Kuwaiti said. When Murphy asked “what type of attacks are we seeing and where are they coming from”, Dr Al Kuwaiti said “number one” was the ‘phishing’ type of attack. Such an attack typically involves a criminal pretending to be a trusted source, such as a bank, duping a victim into opening a message, through which data such as the login password or credit card number is stolen.
“We all know there are phishing attacks and I believe we all experienced that [attempt] either by email or social media or any other means, such as WhatsApp messages … The second important [type of] attack that we saw, and we see, here this year is ransomware, either for blackmailing or for other sectors,” Dr Al Kuwaiti.
Iran, Israel and geopolitics
However, other attacks, he added, included ATPs — which normally are very sophisticated hacking techniques to enter and stay in a system for a long time. “The main one [behind] those attacks regionally, [whom] we see it coming from, in the whole region, is Iran,” Dr Al Kuwaiti said.
When Murphy asked how significant were the threats, Dr Al Kuwaiti said such “attacks are increasing, the attacks specifically perpetrated from those countries”. He said there is a need for collaboration in defending such attacks, adding that some GISEC participants this year are “helping us detecting and deterring any of those attacks, not specially focusing on one country”. He added that the “focus on my country is because of the geopolitical type of aspects today we see in our region. Any geopolitical type of aspect is always followed by such attacks. Our relationship, for example, with the normalisation with Israel, really opened a whole new [series of] attacks from some other actors against the UAE, be it in the financial sector or be it in any other such aspects”.
However, the UAE, through its own efforts and also in collaboration with others, is making itself “a safe, secure heaven for everybody”, Dr Al Kuwaiti said.
WhatsApp calls opening in UAE?
Moving to another topic later in the same session, Murphy said some services in the UAE were “unavailable”, such as “WhatsApp calling, for example, Skype, FaceTime video calling”. He asked if the COVID-19 pandemic “might perhaps accelerate the unblocking of these services in the UAE for people who might not feel comfortable using alternatives, like ToTok, for example”.
Dr Al Kuwaiti replied that “many solutions” have been opened in the UAE, such as Microsoft Teams and Zoom. He clarified that ‘Skype for Business’ is “active and open” in the UAE. Regarding “other tools that are competing with the service provider, like WhatsApp, the service provider has a set of regulations, a set of criteria that need to be adhered to and complied to”. He added that such services, including WhatsApp, “are already working on that with us hand-in-hand in order to open that hopefully” next year.