Middle East faced wave of cybersecurity threats since start of pandemic

Middle East faced wave of cybersecurity threats since start of pandemic
1 / 2
The region has always been a hotbed for such attacks due to geopolitical factors. (File/Shutterstock)
Middle East faced wave of cybersecurity threats since start of pandemic
2 / 2
Fatemah Alharbi, Cybersecurity researcher and consultant. (Supplied)
Short Url
Updated 24 October 2021

Middle East faced wave of cybersecurity threats since start of pandemic

Middle East faced wave of cybersecurity threats since start of pandemic
  • The researchers issued 49 threat intelligence reports due to investigations associated with cyberattacks on the UAE
  • In the VMWare report, a survey of 252 Saudis showed 84 percent of them said that cyberattacks had increased due to working from home

RIYADH: Since the start of the pandemic, a wave of advanced threat campaigns targeting the Middle East have been discovered by Kaspersky, a global cybersecurity firm.

An APT is an attack campaign in which intruders establish an illicit, long-term presence on a network to mine highly sensitive data. The targets, which are carefully chosen and researched, typically include large enterprises or government networks.

The region has always been a hotbed for such attacks due to geopolitical factors.

Kaspersky researchers, keeping a close eye on the region for APTs, worked on 68 investigative reports related to 29 cyber gangs actively targeting the Middle East since the start of the pandemic.

The researchers issued 49 threat intelligence reports due to investigations associated with cyberattacks on the UAE, which endured the highest number of reports for all Middle Eastern countries.

The second highest was Saudi Arabia with 39 reports, followed by Egypt with 30. Kuwait and Oman had 21 each, while Jordan had 20. Iraq, Qatar and Bahrain had fewer than 20 reports each.

APT attacks primarily targeted government agencies, followed by diplomatic institutions, the education sector, and telecommunication institutions. Other targeted sectors included finance, IT, healthcare, legal, military, and defense.

Some of the APT groups investigated were Oilrig, WIRTE, Lazarus, and Sofacy.

Fatemah Alharbi, a cybersecurity expert and assistant professor at Taibah University, told Arab News: “PowerShell-based malware are utilized by advanced cyberattacks targeting critical infrastructures in Saudi Arabia.”

She said these cybercriminals were sending phishing emails that contained malicious Microsoft Office files impersonating legitimate entities.

To pass the firewall and the email protection techniques, she explained, these rigged files were protected by passwords and compressed as zip files.

“This approach facilitates the mission of these cybercriminals to take full control of the file system and to compromise every single file there. This means they would be able to control the operating system, applications, and data. Assuming the attack is detected, an in-depth analysis and investigation on the file system is highly recommended as a quick response to recover the system and stop the attack.”

Referring to a report by Bitdefender, a cybersecurity technology company, Alharbi said: “Researchers shed light on a well-known APT cyber espionage campaign that targets mainly critical infrastructures in Saudi Arabia.This threat group is called Chafer APT (also known as APT39 or Remix Kitten). The report shows that these cybercriminals rely on social engineering to compromise victims in Saudi Arabia.

“Technically, the attack tricked victims to run a remote administration tool located in the downloads folder, similar to the RAT components used against Turkey and Kuwait back in 2014 and 2018, respectively.”

Despite these threats, Alharbi said the Kingdom’s cybersecurity resources had proven their ability to face such dangers.

“Saudi Arabia is ranked No.1 in the MENA region and Asia and No.2 globally according to the Global Cybersecurity Index issued by the UN’s specialized agency in information and communications technology, the International Telecommunication Union in 2021.”

This indexing evaluates countries periodically based on five main axes: Legal, technical, regulatory, capacity-building, and cooperation. The Kingdom scored advanced points in all of these axes, she said.

Amin Hasbini, head of the global research and analysis team for the Middle East, Turkey, and Africa at Kaspersky, said: “Our cybersecurity experts have always been at the forefront of detecting and reporting the latest APT threats. Our reports are the product of their visibility into the cybersecurity landscape and promptly identify what poses a threat.

“We use these insights to, of course, alert the concerned organizations on time and provide them with the protection as well as intelligence needed against both known and unknown threats. As companies move towards digitization, especially due to the pandemic, it is more important now than ever before to know about the threats that are constantly evolving.”

According to a recent report from Kaspersky and VMWare, working remotely during the pandemic made Saudi employees vulnerable to cyberattacks.

In the VMWare report, a survey of 252 Saudis showed 84 percent of them said that cyberattacks had increased due to working from home.

Alharbi talked about methods to protect users from social engineering threats. “Recently, we see a rise in the number of cyberattacks that are based on social engineering. According to a recent report by PurpleSec, 98 percent of cyberattacks rely on social engineering. Cyber criminals prefer to use social engineering techniques that can expose a victim’s natural inclination to trust easily compared to implementing malwares or any other tools to hack systems.

“For that, organizations must strengthen and diversify their cybersecurity awareness tactics, such as publishing cybersecurity awareness content, in-class training, videos, simulations and tests,” she said.


Minister: No cases of Omicron variant in Egypt, country prepared for all outcomes

Minister: No cases of Omicron variant in Egypt, country prepared for all outcomes
Updated 04 December 2021

Minister: No cases of Omicron variant in Egypt, country prepared for all outcomes

Minister: No cases of Omicron variant in Egypt, country prepared for all outcomes
  • On Friday Egypt recorded 933 new cases of COVID-19 and 49 deaths

CAIRO: Khaled Abdel Ghaffar, the acting Egyptian minister of health, confirmed no cases of the new coronavirus Omicron variant have been found in the North African country.

Abdel Ghaffar said recent studies had taken samples from all of Egypt’s governorates, so far failing to report a single case.

He added that no country is able to prevent the entry of any mutation, but that the government was ready for all variants of the virus.

Hossam Abdel Ghaffar, a spokesman for the Egyptian Ministry of Health, denied claims that two people were infected with the Omicron variant on a plane from Ethiopia, and also denied the arrival of an Egyptian citizen carrying the mutation in Cairo on a plane from South Africa.

He stressed people would need to continue to adhere to the precautionary measures implemented at all entry points to the country. 

The Ministry of Health decided to conduct rapid COVID-19 tests for those flying into Egypt from South Africa, Lesotho, Botswana, Zimbabwe, Mozambique, Namibia and Eswatini, sending back any positive cases on the plane they arrived on, or quarantining them if their final destination was Egypt. 

The minister stressed that the state’s procedures are within the framework of preventing the entry of the Omicron variant into Egypt, and added that when a case is identified, it will be announced with full transparency.

On Friday Egypt recorded 933 new cases of COVID-19 and 49 deaths, bringing the total number of cases recorded in Egypt to 361,368, of which 299,434 have recovered, and 20,643 deaths.


Tunisia’s union calls for early elections, says democratic gains are threatened

Tunisia’s union calls for early elections, says democratic gains are threatened
Updated 04 December 2021

Tunisia’s union calls for early elections, says democratic gains are threatened

Tunisia’s union calls for early elections, says democratic gains are threatened
  • The UGTT union, which won the Nobel Peace Prize in 2015 for helping build democracy in the birthplace of the Arab Spring, is a key political player in Tunisia

TUNIS: Tunisia’s powerful UGTT union called for early elections on Saturday, saying it was concerned for the country’s democratic gains because of the president’s reluctance to announce a roadmap for political reforms.
UGTT leader Noureddine Taboubi’s comments, in a speech to thousands of his supporters, put more pressure on President Kais Saied, more than four months after he seized all political powers.
“We supported July 25 because it was an opportunity to save the country and implement reforms ... but we have become afraid for Tunisians’ democratic gains because of the excessive reluctance to announce a roadmap,” Taboubi said.
He added that the president should call for a dialogue with political parties and national organizations that includes reviewing the electoral law and agreeing on early and transparent elections.
The UGTT union, which won the Nobel Peace Prize in 2015 for helping build democracy in the birthplace of the Arab Spring, is a key political player in Tunisia.
Saied suspended parliament and dismissed the government on July 25, installing a new prime minister and announcing he would rule by decree. Critics denounced his move as a coup.
The president has defended his takeover as the only way to end governmental paralysis after years of political squabbling and economic stagnation. He has promised to uphold rights and freedoms won in the 2011 revolution.
Saied also promised to end the emergency state quickly but has not given a date for this, and pressure has mounted for him to present a roadmap to return to parliamentary democracy.


Yemeni military commander hopeful of Marib advance after army cuts Houthi supply lines 

Yemeni military commander hopeful of Marib advance after army cuts Houthi supply lines 
Updated 04 December 2021

Yemeni military commander hopeful of Marib advance after army cuts Houthi supply lines 

Yemeni military commander hopeful of Marib advance after army cuts Houthi supply lines 

LONDON: Yemen’s military commander heading army troops in Marib Maj. Gen. Mansour Thawaba said he was hopeful of advancements in the strategic province after Houthi supply lines were cut. 

There have been “great advances” in the past two days in Bayhan, Usaylan and Harib, the major general told Al-Arabiya, noting that army forces cut the Houthis’ supply line between Bayhan and Harib.

He explained that military operations continued on all fronts, with the southern front seeing most of the action. He also noted the Saudi-led Arab coalition’s support with airstrikes. 

“Marib is not besieged, and the Houthis are far from achieving this,” he said. 

He added that most of those fighting for the Houthis were children and young men. 

“They do not care about the children of Yemenis who are killed by the dozens every day,” he said, referring to the Houthi militia. 

The coalition announced on Friday night that it had destroyed a ballistic missile launcher south of Sanaa.

The coalition added that it also destroyed a “mine-making workshop” in the capital, stressing that it had taken “preventive measures to spare civilians and civilian structures from collateral damage” during the airstrikes.


Clashes rock Arab town in Israel, alleged car-rammer killed

Clashes rock Arab town in Israel, alleged car-rammer killed
Updated 04 December 2021

Clashes rock Arab town in Israel, alleged car-rammer killed

Clashes rock Arab town in Israel, alleged car-rammer killed
  • The chaos comes amid a wave of violent crime in Israel’s Arab community that shows no sign of abating

UMM AL-FAHM, Israel: Police on Friday shot and killed a man in an Arab town in northern Israel who had allegedly been involved in a car-ramming attack that wounded two officers, Israeli officials said.
The incident capped an eruption of communal violence in Umm Al-Fahm, including armed clashes among residents. On Thursday, a man was shot and killed in the town. Israeli police and firefighters raced to the community as gunfire rang out and buildings were set ablaze.
The chaos comes amid a wave of violent crime in Israel’s Arab community that shows no sign of abating, despite far-reaching action announced in recent months by Israeli authorities.
Friday’s incident began when paramilitary Border Police opened fire on a vehicle speeding toward them, fatally shooting one man and wounding the other in the car, who was arrested after receiving medical treatment, Border Police said. They said the two officers suffered light to moderate wounds.
They said a gun and ammunition were found in the car, and that the two men were suspected of involvement in violent family disputes that have rocked Umm Al-Fahm in recent months. Authorities said the car-ramming was not politically motivated.
Arab towns across Israel have seen a major escalation in violence in recent years driven by organized crime and family feuds. At least 117 Arabs have been killed in 2021, the highest number on record, according to the Abraham Initiatives, which promotes Jewish-Arab coexistence. The crime rate among Arabs far exceeds their 20 percent share of the population.
Arab citizens of Israel have the right to vote, most speak fluent Hebrew, and they have a large presence in the country’s universities and medical profession. But they face widespread discrimination, especially with housing.
They have close familial ties to Palestinians in the occupied West Bank and Gaza, and largely identify with their cause, leading many Jewish Israelis to view them with suspicion. Jewish-Arab violence erupted across Israel during the Gaza war in May.
Arab activists have long accused police of ignoring crime in their communities. Israeli officials have touted a number of initiatives in recent years, including larger budgets for law enforcement in Arab communities, but police say local leaders could do more to help them.
Israel’s current government pledged major action against crime in Arab communities in August as it announced a wave of arrests. That was a central demand of a small party that made history this year by being the first Arab faction to join a ruling coalition.
Israeli Prime Minister Naftali Bennett expressed support for the police on Friday, calling for improved security and further dialogue with Arab leaders.


Arab coalition destroys ballistic missile launch pad in Yemen’s capital

Arab coalition destroys ballistic missile launch pad in Yemen’s capital
Updated 04 December 2021

Arab coalition destroys ballistic missile launch pad in Yemen’s capital

Arab coalition destroys ballistic missile launch pad in Yemen’s capital

RIYADH: The Arab coalition destroyed a ballistic missile launch pad and a warehouse used to build drones in Yemen’s capital, Al Ekhbariya reported on Saturday.
The coalition has carried out multiple sorties in the past few weeks to hamper Houthi militia operations in and around Sanaa.
The launch pad destruction in southern Sanaa also killed experts, the coalition said, adding that a mine-making and drone-assembly workshop was also destroyed.
The coalition said they took the necessary precautions to safeguard civilian life during the operations.
The near daily attacks by the militia on Saudi civilian infrastructure using drones has reduced considerably as the coalition has gone after specific targets behind the persistent attacks.
Experts belonging to Hezbollah and Iran’s Revolutionary Guard have been killed by the coalition airstrikes in recent weeks.
The Yemeni government is engaged in a fierce resistance in the governorate of Marib, a resource-rich region coveted by the Iran-backed group.
On Thursday, the coalition said it carried out nine operations against militia targets in Marib in the past 24 hours, killing 45 fighters and destroying six military vehicles.
Government forces also liberated a large swathe of land in the southern governorate of Shabwa on Thursday.
Backed by air cover from the Arab coalition, government troops pushed deeper into Houthi-controlled Bayhan and Ousylan districts, expelling militia fighters from wide areas and taking control of a strategic road that connects the two districts, a military official told Arab News on Thursday.
The Arab coalition has been fighting the Iran-backed Houthis, after the militia seized Yemen’s capital, Sanaa, in 2014.
In March, Saudi Arabia announced a roadmap called the Riyadh Initiative to halt fighting in Yemen and reopen Sanaa airport, as well as continuing talks to find a solution to the conflict. The proposal was seen as a welcome step internationally, but has been rejected by Houthi leadership.
The war, which has now lasted for seven years, has cost thousands of Yemenis their lives and has forced many more to depend on humanitarian assistance.
Saudi relief agency, KSrelief, has poured billions of dollars worth of aid into Yemen and has hundreds of projects focusing on food and health.
In July, The World Food Programme welcomed Saudi contributions to the fund saying humanitarian action in Yemen could not be sustained without it.