Middle East faced wave of cybersecurity threats since start of pandemic

Middle East faced wave of cybersecurity threats since start of pandemic
1 / 2
The region has always been a hotbed for such attacks due to geopolitical factors. (File/Shutterstock)
Middle East faced wave of cybersecurity threats since start of pandemic
2 / 2
Fatemah Alharbi, Cybersecurity researcher and consultant. (Supplied)
Short Url
Updated 24 October 2021

Middle East faced wave of cybersecurity threats since start of pandemic

Middle East faced wave of cybersecurity threats since start of pandemic
  • The researchers issued 49 threat intelligence reports due to investigations associated with cyberattacks on the UAE
  • In the VMWare report, a survey of 252 Saudis showed 84 percent of them said that cyberattacks had increased due to working from home

RIYADH: Since the start of the pandemic, a wave of advanced threat campaigns targeting the Middle East have been discovered by Kaspersky, a global cybersecurity firm.

An APT is an attack campaign in which intruders establish an illicit, long-term presence on a network to mine highly sensitive data. The targets, which are carefully chosen and researched, typically include large enterprises or government networks.

The region has always been a hotbed for such attacks due to geopolitical factors.

Kaspersky researchers, keeping a close eye on the region for APTs, worked on 68 investigative reports related to 29 cyber gangs actively targeting the Middle East since the start of the pandemic.

The researchers issued 49 threat intelligence reports due to investigations associated with cyberattacks on the UAE, which endured the highest number of reports for all Middle Eastern countries.

The second highest was Saudi Arabia with 39 reports, followed by Egypt with 30. Kuwait and Oman had 21 each, while Jordan had 20. Iraq, Qatar and Bahrain had fewer than 20 reports each.

APT attacks primarily targeted government agencies, followed by diplomatic institutions, the education sector, and telecommunication institutions. Other targeted sectors included finance, IT, healthcare, legal, military, and defense.

Some of the APT groups investigated were Oilrig, WIRTE, Lazarus, and Sofacy.

Fatemah Alharbi, a cybersecurity expert and assistant professor at Taibah University, told Arab News: “PowerShell-based malware are utilized by advanced cyberattacks targeting critical infrastructures in Saudi Arabia.”

She said these cybercriminals were sending phishing emails that contained malicious Microsoft Office files impersonating legitimate entities.

To pass the firewall and the email protection techniques, she explained, these rigged files were protected by passwords and compressed as zip files.

“This approach facilitates the mission of these cybercriminals to take full control of the file system and to compromise every single file there. This means they would be able to control the operating system, applications, and data. Assuming the attack is detected, an in-depth analysis and investigation on the file system is highly recommended as a quick response to recover the system and stop the attack.”

Referring to a report by Bitdefender, a cybersecurity technology company, Alharbi said: “Researchers shed light on a well-known APT cyber espionage campaign that targets mainly critical infrastructures in Saudi Arabia.This threat group is called Chafer APT (also known as APT39 or Remix Kitten). The report shows that these cybercriminals rely on social engineering to compromise victims in Saudi Arabia.

“Technically, the attack tricked victims to run a remote administration tool located in the downloads folder, similar to the RAT components used against Turkey and Kuwait back in 2014 and 2018, respectively.”

Despite these threats, Alharbi said the Kingdom’s cybersecurity resources had proven their ability to face such dangers.

“Saudi Arabia is ranked No.1 in the MENA region and Asia and No.2 globally according to the Global Cybersecurity Index issued by the UN’s specialized agency in information and communications technology, the International Telecommunication Union in 2021.”

This indexing evaluates countries periodically based on five main axes: Legal, technical, regulatory, capacity-building, and cooperation. The Kingdom scored advanced points in all of these axes, she said.

Amin Hasbini, head of the global research and analysis team for the Middle East, Turkey, and Africa at Kaspersky, said: “Our cybersecurity experts have always been at the forefront of detecting and reporting the latest APT threats. Our reports are the product of their visibility into the cybersecurity landscape and promptly identify what poses a threat.

“We use these insights to, of course, alert the concerned organizations on time and provide them with the protection as well as intelligence needed against both known and unknown threats. As companies move towards digitization, especially due to the pandemic, it is more important now than ever before to know about the threats that are constantly evolving.”

According to a recent report from Kaspersky and VMWare, working remotely during the pandemic made Saudi employees vulnerable to cyberattacks.

In the VMWare report, a survey of 252 Saudis showed 84 percent of them said that cyberattacks had increased due to working from home.

Alharbi talked about methods to protect users from social engineering threats. “Recently, we see a rise in the number of cyberattacks that are based on social engineering. According to a recent report by PurpleSec, 98 percent of cyberattacks rely on social engineering. Cyber criminals prefer to use social engineering techniques that can expose a victim’s natural inclination to trust easily compared to implementing malwares or any other tools to hack systems.

“For that, organizations must strengthen and diversify their cybersecurity awareness tactics, such as publishing cybersecurity awareness content, in-class training, videos, simulations and tests,” she said.


Iran’s nuclear program ‘has military element,’ admits ex-atomic energy chief

The former head of Iran's Atomic Energy Organization Fereydoun Abbasi-Davani. (Reuters/File Photo)
The former head of Iran's Atomic Energy Organization Fereydoun Abbasi-Davani. (Reuters/File Photo)
Updated 59 min 28 sec ago

Iran’s nuclear program ‘has military element,’ admits ex-atomic energy chief

The former head of Iran's Atomic Energy Organization Fereydoun Abbasi-Davani. (Reuters/File Photo)
  • Former head of nuclear agency said Tehran’s top nuclear scientist was killed because his research ‘became a threat’
  • Pursuit of weapons could spark “nuclear arms race,” expert tells Arab News

LONDON: The former head of the Iranian Atomic Energy Organization has revealed that Tehran’s nuclear program has military objectives, in the clearest admission to date of Iran’s nuclear bomb ambitions.

In an interview with state media, Fereydoun Abbasi-Davani, former head of the IAEO, admitted to the existence of a “system” with military capabilities.

The existence of a military research branch within Iran’s nuclear program would directly contravene the state line on nuclear weapons.

Officials in Iran often cite a fatwa — a religious edict — issued by Supreme Leader Ali Khamenei against the development and use of nuclear arms as evidence that they are not pursuing nuclear arms.

However, while discussing the 2020 assassination by Israeli agents of Mohsen Fakhrizadeh, Iran’s top nuclear scientist, Abbasi-Davani suggested that his research was part of a “system” that had become a military threat to Israel.

“When the country’s all-encompassing growth began involving satellites, missiles and nuclear weapons, and surmounted new boundaries of knowledge, the issue became more serious for them,” Abbasi-Davani said.

While the individual elements of Iran’s nuclear program did not have an overt military use, the existence of that “system” of research endeavors, such as uranium enrichment, combined with Iran’s reasonably advanced domestic missile program, is believed to have triggered Fakhrizadeh’s killing.

But Abbasi-Davani’s interview, released as Washington and Tehran are set to re-engage in long-running talks over the future of Iran’s nuclear program, also revealed new information on the strategic goals behind the pursuit of nuclear arms: A nuclear umbrella for its regional proxies.

“Although our stance on nuclear weapons based on the supreme leader’s explicit fatwa regarding nuclear weapons being haram (religiously forbidden) is quite clear, Fakhrizadeh created this system and his concern wasn’t just the defense of our own country,” Abbasi-Davani said.

He warned: “Our country backs the axis of the resistance front (against Israel), and when you enter this realm, the Zionists become sensitive.”

The “axis of resistance” refers to Iran’s network of terrorist organizations and proxy groups, including the Houthis in Yemen, Hezbollah in Lebanon and constituent militias of Iraq’s Popular Mobilization Front.

Ideologically, the groups are opposed to Israel, but they are used in practice to pursue Iranian foreign policy objectives.

Meir Javedanfar, Iran lecturer at Reichman University, told Arab News that Abbasi-Davani’s admission was of “grave concern,” particularly because of the reference to a “system.”

He said: “This is unprecedented. Until now, the assumption has been that even if Iran gets a nuclear program, it would only be used to defend Iran and to deter others.

“Now, based on Abbasi-Davani’s comments, we know that if Iran gets a nuclear weapon it will be used to defend its proxies in the region. This makes it even more imperative that Iran does not get nuclear weapons.”

He added: “Using nuclear weapons to support Iran’s proxies at the very least would mean providing a protection umbrella for various groups around the region. That would imperil numerous countries in the region, and not just the state of Israel.”

Javedanfar warned: “That could lead, in itself, to a nuclear arms race.”


Iran nuclear deal talks resume, chair feels ‘positive’

Deputy Secretary General of the European External Action Service (EEAS) Enrique Mora speaks to journalists in front of the Coburg palace after a meeting of the Joint Comprehensive Plan of Action (JCPOA) in Vienna. (AFP)
Deputy Secretary General of the European External Action Service (EEAS) Enrique Mora speaks to journalists in front of the Coburg palace after a meeting of the Joint Comprehensive Plan of Action (JCPOA) in Vienna. (AFP)
Updated 29 November 2021

Iran nuclear deal talks resume, chair feels ‘positive’

Deputy Secretary General of the European External Action Service (EEAS) Enrique Mora speaks to journalists in front of the Coburg palace after a meeting of the Joint Comprehensive Plan of Action (JCPOA) in Vienna. (AFP)

VIENNA: Negotiators in Vienna resumed talks Monday over reviving Iran’s 2015 nuclear deal with world powers, with the United States taking part at arms length as in previous rounds since the Trump administration pulled out of the accord three years ago.
Hopes of quick progress were muted after a hard-line new government in Tehran led to a more than five-month hiatus in negotiations. But the European Union official chairing the talks sounded an upbeat note after the first meeting concluded.
“I feel positive that we can be doing important things for the next weeks,” EU diplomat Enrique Mora told reporters.
All participants had shown a willingness to listen to the positions and “sensibilities” of the new Iranian delegation, Mora said. At the same time, Tehran’s team made clear it wanted to engage in “serious work” to bring the accord back to life, he said.
The remaining signatories to the nuclear deal formally known as the Joint Comprehensive Plan of Action — Iran, Russia, China, France, Germany and Britain — convened at the Palais Coburg, a luxury hotel where the agreement was signed six years ago.
A US delegation headed by the Biden administration’s special envoy for Iran, Robert Malley, was staying at a nearby hotel where it was being briefed on the talks by diplomats from the other countries.
President Joe Biden has signaled he wants to rejoin the talks. The last round, aimed at bringing Iran back into compliance with the agreement and paving the way for the US to rejoin, was held in June.
“There is a sense of urgency in putting an end to the suffering of the Iranian people,” said Mora, referring to the crippling sanctions the US re-imposed on Iran when it quit the accord.
“And there is a sense of urgency in putting the Iranian nuclear program under the transparent monitoring of the international community,” he said.
“What has been the norm over the first six rounds will be again the practice in this seventh round,” Mora added. “Nothing new on working methods.”
The United States left the deal under then-President Donald Trump’s “maximum pressure” campaign against Tehran in 2018.
The nuclear deal saw Iran limit its enrichment of uranium in exchange for the lifting of economic sanctions. Since the deal’s collapse, Iran now enriches small amounts of uranium up to 60 percent purity — a short step from weapons-grade levels of 90 percent. Iran also spins advanced centrifuges barred by the accord and its uranium stockpile now far exceeds the accord’s limits.
Iran maintains its atomic program is peaceful. However, US intelligence agencies and international inspectors say Iran had an organized nuclear weapons program up until 2003. Nonproliferation experts fear the brinkmanship could push Tehran toward even more extreme measures to try to force the West to lift sanctions.
Making matters more difficult, United Nations nuclear inspectors remain unable to fully monitor Iran’s program after Tehran limited their access. A trip to Iran last week by the head of the International Atomic Energy Agency, Rafael Grossi, failed to make any progress on that issue.
Russia’s top representative, Mikhail Ulyanov, said he held “useful” informal consultations with officials from Iran and China on Sunday. That meeting, he said, was aimed at “better understanding ... the updated negotiating position of Tehran.” He tweeted a picture of a meeting Monday he described as a preparatory session with members before Iran joined the discussions.
A delegation appointed by new Iranian President Ebrahim Raisi is joining the negotiations for the first time. Iran has made maximalist demands, including calls for the US to unfreeze $10 billion in assets as an initial goodwill gesture, a tough line that might be an opening gambit.
Ali Bagheri, an Iranian nuclear negotiator, told Iranian state television late Sunday that the Islamic Republic “has entered the talks with serious willpower and strong preparation.” However, he cautioned that “we cannot anticipate a timeframe on the length of these talks now.”
Iranian Foreign Ministry spokesman Saeed Khatibzadeh, meanwhile, suggested Monday that the US could “receive a ticket for returning to the room” of the nuclear talks if it agrees to “the real lifting of sanctions.” He also criticized a recent opinion piece written by the foreign ministers of Britain and Israel that pledged to “work night and day to prevent the Iranian regime from ever becoming a nuclear power.”
Israeli Prime Minister Naftali Bennett, in a video address delivered to nations negotiating in Vienna, warned that he saw Iran trying to “end sanctions in exchange for almost nothing.”
“Iran deserves no rewards, no bargain deals and no sanctions relief in return for their brutality,” Bennett said in the video that he later posted to Twitter. “I call upon our allies around the world: Do not give in to Iran’s nuclear blackmail.”
British Foreign Secretary Liz Truss called the meeting “the last opportunity for the Iranians to come to the table” after a meeting with Israeli Foreign Minister Yair Lapid.
“We want those talks to work,” Truss said. “But if they don’t work, all options are on the table.”
In an interview with NPR broadcast Friday, US negotiator Malley said signs from Iran “are not particularly encouraging.”
Russia’s Ulyanov said there’s pressure to get the process moving after “a very protracted pause.”
“The talks can’t last forever,” he tweeted on Sunday. “There is the obvious need to speed up the process.”
Mora, the EU official, said participants in Monday’s meeting had agreed on a plan of work for the coming days. Diplomats planned to discuss the issue of sanctions on Tuesday, followed by a meeting on Iran’s nuclear commitments Wednesday.


Turkey’s Erdogan says he will visit UAE in February

Turkey’s Erdogan says he will visit UAE in February
Updated 29 November 2021

Turkey’s Erdogan says he will visit UAE in February

Turkey’s Erdogan says he will visit UAE in February
  • Recep Tayyip Erdogan and Sheikh Mohammed bin Zayed Al-Nahyan oversaw the signing of nearly a dozen cooperation deals during the latter’s visit to Ankara last week
  • Erdogan hailed the visit of the crown prince as a ‘step that is instrumental in starting a new era between Turkey and the United Arab Emirates’

ANKARA, Turkey: Turkish President Recep Tayyip Erdogan says he plans to pay a return visit to the United Arab Emirates in February as the two countries move to put years of tense relations behind them.

Abu Dhabi’s crown prince visited Ankara last week, making his first official trip to Turkey since 2012 and the highest-level visit by an Emirati official since relations between the two countries hit a low.

Erdogan and the crown prince, Sheikh Mohammed bin Zayed Al-Nahyan, oversaw the signing of nearly a dozen cooperation deals during the visit, while a top Emirati official said the UAE has earmarked $10 billion for investment in Turkey.

Erdogan told a group of journalists on his return from a trip to Turkmenistan late Sunday that the crown prince’s visit took place in an “almost family like” environment and hailed the visit as a “step that is instrumental in starting a new era between Turkey and the United Arab Emirates.”

“God willing, I will make a return visit to the UAE in February,” Erdogan told journalists, adding that the country’s foreign minister and intelligence chief would travel before him to prepare the groundwork. His comments were reported by the state-run Anadolu Agency and other media on Monday.

Turkey is trying to mend its frayed ties with regional powers after finding itself increasingly isolated internationally.

Erdogan told journalists on board his plane that Turkey plans to mend with other regional powers — including Egypt and Israel — in the same way that it is with the UAE, and would reappoint ambassadors to those countries.


Israel’s Lapid urges world to keep up pressure on Iran

Israel’s Lapid urges world to keep up pressure on Iran
Updated 29 November 2021

Israel’s Lapid urges world to keep up pressure on Iran

Israel’s Lapid urges world to keep up pressure on Iran
  • Negotiators were to convene in a last-ditch effort to salvage a 2015 nuclear deal abandoned three years later by the US
  • Israeli Foreign Minister Yair Lapid said Iran was only attending the talks because they wanted access to money

LONDON: Israel urged world leaders to keep up pressure on Iran and not lift sanctions as part of nuclear negotiations that were set to resume in Vienna on Monday, saying that tighter supervision of Tehran was needed.
Negotiators were to convene in a last-ditch effort to salvage a 2015 nuclear deal abandoned three years later by the United States under then-President Donald Trump, who then reimposed sweeping US sanctions on Iran. That led to breaches of the deal by Tehran, and dismayed the other powers involved.
Israel has warned that Iran, its arch-enemy, will try to secure a windfall in sanctions relief at the talks, without sufficiently rolling back nuclear bomb-making potential through its accelerating enrichment of uranium.
Israeli Foreign Minister Yair Lapid, speaking in London alongside his British counterpart Liz Truss, said Iran was only attending the talks because they wanted access to money.
“This is what they have done in the past. And this is what they will do this time as well. The intelligence is clear, it leaves no doubt,” he told reporters after signing a Memorandum of Understanding on trade, technology and defense with Britain.
“A nuclear Iran will thrust the entire Middle East into a nuclear arms race; we will find ourselves in a new Cold War. But this time the bomb will be in the hands of religious fanatics who are engaged in terrorism as a way of life,” Lapid said.
“The world must prevent this and it can prevent this: tighter sanctions, tighter supervision, conduct any talks from a position of strength.”
In Jerusalem earlier on Monday, Israeli Prime Minister Naftali Bennett cautioned world powers to beware of what he described as Iranian “nuclear blackmail.”
Iran says it is enriching uranium solely for civil uses.
Truss said Britain was “absolutely determined” to prevent Iran from securing a nuclear weapon.
“As far as I am concerned, these talks are the last opportunity for the Iranians to come to the table and agree the JCPOA...,” she said, referring to the 2015 deal. “We will look at all options if that doesn’t happen.”


Arab Coalition carries out 15 strikes against Houthi militants in Marib

Arab Coalition carries out 15 strikes against Houthi militants in Marib
Updated 29 November 2021

Arab Coalition carries out 15 strikes against Houthi militants in Marib

Arab Coalition carries out 15 strikes against Houthi militants in Marib

RIYADH: The Arab Coalition on Monday said it carried out 15 attacks against the Houthi militia in Yemen’s Marib and al-Jawf over the past 24 hours.

At least 85 Houthi members were killed and 12 vehicles were destroyed in those attacks, Al Arabiya TV reported.