Ethical hackers in Saudi Arabia take on cybercriminals, fraudsters

Ethical hackers in Saudi Arabia take on cybercriminals, fraudsters
Ethical hackers, also known as ‘white-hat’ hackers hack with the purpose of finding an opening in a website, with the aim of searching for loopholes and vulnerabilities in networks and systems, fighting cybercrime and countering cyberattacks. (Supplied)
Short Url
Updated 12 November 2021
Follow

Ethical hackers in Saudi Arabia take on cybercriminals, fraudsters

Ethical hackers in Saudi Arabia take on cybercriminals, fraudsters
  • Saudi authorities’ novel initiatives protect people by introducing training programs, stringent guidelines

JEDDAH: The growing popularity of e-commerce, online public services and social media in Saudi Arabia has brought many benefits that can improve the quality of day-to-day life.

However as the amount of personal information and data we share online increases, so does the risk of falling victim to cybercrime. Ignorance of the dangers, or complacency based on an assumption that online spaces are probably safe, can increase the chances of falling victim to scammers.

As a result of this, and the demand for greater online safeguards and services to protect users from the criminals who prey on the unwary, cybersecurity is an expanding field in the Kingdom. Saudi authorities have taken great strides in efforts to protect people online by launching training programs and events such as hackathons, and improving the rules and guidelines for the public and private sectors relating to social media accounts and the cloud, for example.

In March, Minister of Education Hamad Al-Sheikh signed a cooperation agreement with the governor of the National Cybersecurity Authority, Khalid Al-Sabti, to strengthen cooperation in the fields of education, scientific research, training and awareness, as part of the efforts to boost capacity building in the field of cybersecurity.

Previously, in 2018, the ministry and the NCA had signed a cooperation agreement under which the Custodian of the Two Holy Mosques Program for Foreign Scholarships allocated 200 scholarships a year for five years in the field of cybersecurity.

Walaa Anees, who is studying for a master’s degree in cybersecurity and digital forensics at George Mason University in Virginia, told Arab News that one of the main reasons why she decided to specialize in this field was because she had seen relatives suffer when their social media accounts were hacked and private pictures leaked. She also wants to blaze a trail for Saudization and increasingly empowered Saudi women in her country’s workforce.

Anees added that she is thankful to live in a country with a generous government that offered to sponsor her education and provide support while she studies abroad.

HIGHLIGHT

Walaa Anees, who is studying for a master’s degree in cybersecurity and digital forensics at George Mason University in Virginia, told Arab News that one of the main reasons why she decided to specialize in this field was because she had seen relatives suffer when their social media accounts were hacked and private pictures leaked.

“I am certainly looking forward to coming back home to both employ the knowledge that I have gained and pass it along to the community,” she said. “I am truly excited to give back in return for what my country offered.”

Young people do not need to travel abroad to further their knowledge and skills, however. The Tuwaiq Academy, for example, which was established in 2020, offers bootcamps in the Kingdom that teach 1,000 young men and women programming and cybersecurity skills, of international standards over the course of four to five months to prepare them for the developing requirements of the Saudi labor market. It is said to be the largest national initiative of its kind.

The Kingdom’s cybersecurity education efforts are not limited to adults but also include options for children. CyberKids, the Cybersecurity for Children Association, for example, aims to protect children from the predators that might target them while they surf the internet or play online games. The association said that the courses it provides have benefited more than 16,000 children.

Efforts by the authorities and other organizations to create a safer online environment can only go so far, however, and part of the responsibility ultimately lies with individuals to be aware of the dangers and the steps they can take to reduce the risks.

One of the best ways to protect personal information and data is to use strong, unique passwords for every account, and regularly change them. It is also important to be able to spot suspicious messages and emails, and never to click on any links they contain.

Mohammed Al-Sultan is an ethical hacker who helps the victims of cybercrimes on a pro bono basis, and is part of a team that works to make cyberspace safer. Ethical hackers are skilled technicians who search for vulnerabilities in systems so that they can be fixed.

He explained that cybersecurity means information security, and so the goal is to protect information from theft and corruption.

“There are two types of hackers: the good and the bad,” Al-Sultan said. “The ethical ones are called ‘white-hat’ hackers and their job is to hack with the purpose of finding an opening in a website, with the aim of searching for loopholes and vulnerabilities in networks and systems, fighting cybercrime and countering cyberattacks.

“As for the bad hackers, also known as ‘black-hat’ hackers, they are the ones who commit cybercrimes such as information theft, network penetration and privacy infringement.”

He added that ethical hacking is legal, as the aim is to help improve security by highlighting vulnerabilities. He knows his job based on the internationally accredited training courses he took from CEH, certified ethical hacker, and governmental, educational centers such as Doroob platform and STC.

Criminal hackers and fraudsters often use so-called social engineering techniques to deceive and manipulate their victims into revealing confidential or personal information. Perhaps the best-known and most common form of social engineering scam is phishing, in which criminals send out emails that appear to be from reputable sources in an attempt to trick recipients.

For example, an email or message might claim that recipients have won a prize and need to enter their bank account details at a link that is provided. This information can give the fraudsters access to the bank account and allow them to clean it out.

Another trick hackers use, Al-Sultan said, is telling you they need you to send them your unique WhatsApp code so that they can add you to a group.

“The hacker can create an account on Instagram similar to that of someone you know and they will direct message you telling you they will add you to a WhatsApp group and you need to send them a certain code,” he explained. “But once you give them that code they will immediately hack into your WhatsApp and will start texting people you know to send their credit card information.”

Most of the people who come to Al-Sultan for help have fallen victim to blackmail, he said. This is an area that also concerns the Saudi government, which has launched an anti-extortion website to help victims and catch the perpetrators.

Arab News spoke to some blackmail victims about their experiences. Their names have been withheld to protect their identities.

L. L. said a former boyfriend attempted to blackmail her by threatening to post private videos on social media.

“My ex did not like that I broke up with him,” she said. “He started blackmailing me and threatening that he would expose private videos of mine online. “I went to the police station and filed a complaint and luckily the police transferred the case to the criminal investigations department, and they tracked him down. Thank God, he was caught.”