As the region moves towards a more digital economy, ransomware and other cyber-attacks are rising

Middle Eastern counties are increasingly becoming targets for cybercriminals, as a new report has warned organizations to be on the alert.

While numbers remain comparatively small, TrendMicro has reported an increased risk of ransomware and other malware attacks across the region.

Of the 1.7 billion ransomware attacks detected globally in 2018, 2.4 million hit the UAE and 1.9 million were detected in Kuwait during the first quarter of the year, a new report reveals.

Meanwhile, Bahrain and Oman accounted for 1.2 million and 534,806 attacks respectively, Trend Micro found.

In an effort to accelerate economic growth and diversify away from dependence on oil, many Gulf countries have been making great strides in digitization. And, as Trend Micro points out, this means a growing exposure to cyber-attacks, with potentially devastating effects.

“As [Gulf Cooperation Council] GCC economies shift to digital, securing the cyberspace becomes all the more paramount as there is an increasing risk of calculated and premeditated cyber-attacks," said Cherif Djerboua, regional tech leader at Trend Micro AMEA.

"What we are witnessing now in the Gulf is a long-term transformation, and stakeholders ought to regard security as a key infrastructure necessary for a smart city to thrive.

“Device penetration, interconnectivity, massive data – all of these have started to proliferate and more so in the near future.”

In the UAE in particular, there are plans in place to share data collected by the government with the public and businesses, increasing the risks of a breach somewhere along the chain.

Trend Micro’s research has also uncovered a rise in malware attacks generally in the Middle East.

Also in the first quarter of 2018, there were 1.6 million incidents in the UAE, 465,058 in Kuwait, 202,241 in Bahrain, and 161,055 in Oman.

Some of these incidents targeted online banking, with 433 attacks during the period in the UAE, 90 in Kuwait, and 56 in Bahrain – numbers that are rising.

And the security firm says it’s also concerned about the increasing number of attacks carried out by directing victims to malicious URLs, with nearly a million cases in the UAE, and a quarter of a million in Kuwait.

Cause for concern

While many Middle Eastern countries claimed to have escaped the widespread WannaCry ransomware attack in 2016 and the Petya ransomware incident last summer, this may well be because the attacks were halted in their tracks before they had a chance to spread.

Since then, though, researchers from Kaspersky Lab say they have discovered active Mamba ransomware in Saudi Arabia, and the UAE’s Telecommunications Regulatory Authority revealed that Zyklon ransomware was detected numerous times in early 2018.

It’s not clear how many organizations are surrendering to pay the ransom in the case of these attacks – it’s something that companies are naturally secretive about.

However, a recent report from the CyberEdge Group found that 19% of victims worldwide have paid up and got their data back so far in 2018.

However, another 20% handed over the cash and never saw anything in return – a risk that Trend Micro has warned against.

“First of all, there is no guarantee that paying will result in the lost data being returned. Additionally, attackers are likely to come back and encrypt data from the same company if they receive payment once,” a Trend Micro spokesperson told The Daily Swig.

“Instead, having a solid back up system is the best practice to ensure paying the ransom is not needed. This includes a 3-2-1 system: three copies in two physical locations with one of them being air gapped.

“With this level of backup, businesses can simply reboot from a backup to move forward following a ransomware attack,” they added.