The Middle East cyber front line aiming to beat back AI-powered threats

The 2023 Global Cybersecurity Forum is set to take place in Riyadh in November, and will be held under the theme ‘Charting Shared Priorities in Cyberspace.’ (Supplied)
The 2023 Global Cybersecurity Forum is set to take place in Riyadh in November, and will be held under the theme ‘Charting Shared Priorities in Cyberspace.’ (Supplied)
Short Url
Updated 23 August 2023
Follow

The Middle East cyber front line aiming to beat back AI-powered threats

The Middle East cyber front line aiming to beat back AI-powered threats
  • Companies in the region face a growing threat from phishing, hackers and email scams as they embrace new technologies

DUBAI: Technology has advanced at breakneck speed over the past decade, with many processes, from shopping and banking to energy production and shipping, moving online, saving both time and labor, while also improving accessibility.

However, all of these advances also bring a range of new threats, including those seeking to exploit outdated centralized cybersecurity controls, resulting in an increase in cyberattacks and online criminal activities.

As more of the global economy moves into cyberspace, addressing the international cybersecurity threat is expected to cost the world $10.5 trillion annually by 2025.




Phishing, baiting and email hacking are common forms of gaining unauthorized access to information. (Shutterstock)

Middle East nations are no exception to this — and are perhaps especially vulnerable to cyberattacks on critical infrastructure such as oil and gas fields, power plants, ports and airports, considering the region’s vital role in energy production.

A 2022 analysis by cybersecurity company Kaspersky showed that the Middle East was one of the top five regions in the world with the highest percentage of malware blocked in industrial control systems that year.

Two years earlier, IBM data showed that the average cost of a cyberattack on organizations in the UAE and Saudi Arabia was $6.53 million, about 69 percent higher than the global average.

NUMBER

$105tr

As more of the global economy moves into cyberspace, addressing the international cybersecurity threat is expected to cost the world $10.5 trillion annually by 2025.

The second quarter of 2022 showed a 168 percent increase in the frequency of phishing attacks, hacking and online scams in Saudi Arabia compared with the previous quarter.

“It is true that there has been a surge in the frequency of cyberattacks targeting Saudi Arabia, but it is vital to stress that this is part of a broader global uptick in illicit activity in the digital space,” Ashraf Koheil, the Middle East, Africa and Turkiye regional director at cybersecurity firm Group-IB, told Arab News.

“Companies and organizations across all verticals and regions are having to respond to increased numbers of phishing attacks, ransomware attempts and scams.”




Mohamed Hashem,
KSA and Bahrain general manager, Kaspersky

According to Koheil, the roots of cybercriminal activity are often intertwined with socioeconomic factors.

“The Kingdom of Saudi Arabia is a global economic powerhouse that is undergoing an incredibly rapid digital transformation that has created a wealth of jobs and opportunities,” he said.

“In this context, one would expect to see cybercriminals try to take advantage of this in their attempts to trick unwitting members of the public into interacting with phishing pages or scam websites in their attempts to achieve illicit financial gain.”

FASTFACTS

• IBM’s 2020 data showed that the average cost of a cyberattack on organizations in the UAE and Saudi Arabia was $6.53 million, about 69 percent higher than the global average.

• Generative AI models have lowered cost and difficulty of carrying out phishing attacks, which makes Arabic-speaking countries such as Saudi Arabia particularly susceptible.

Another driver is that the public’s use of e-commerce platforms has increased dramatically in Saudi Arabia over the past few years.

Safwan Akram, managed security services director for Saudi Arabia at cybersecurity provider Help AG, says that more consumers are carrying out the majority of their shopping online, with e-commerce revenues expected to show a compound annual growth rate of 13.5 percent between 2023-2027, according to data from ecommerceDB.

“This provides an attractive target for bad actors seeking to obtain information such as user credentials and banking account details,” he told Arab News.




Safwan Akram, Managed Security Services Director – Saudi Arabia, Help AG.

Moreover, the cost and difficulty of carrying out a phishing attack has gone down dramatically due to the emergence of generative artificial intelligence models, which makes Arabic-speaking countries such as Saudi Arabia particularly susceptible.

“Previously, attackers were limited in their ability to target the Kingdom’s residents with phishing emails, as many of the attackers did not know how to write in Arabic. However, with generative AI models, attackers can generate well-written, seemingly trustworthy phishing emails and messages in a variety of languages at the click of a button,” Akram said.

Saudi Arabia has been leading its digitization journey by prioritizing cybersecurity ... as the boundaries of digitization and technology expand, so does the cyberattack surface, because of new vulnerabilities.

Mohamed Hashem, KSA and Bahrain general manager, Kaspersky

Saudi Arabia is home to a thriving fintech community, with many new companies cropping up, regulated by the Saudi Central Bank.

“Many of these fintech companies are startups that may not have a mature cybersecurity system in place compared to established enterprises — leaving them vulnerable to attacks,” Akram said.

With that in mind, Gulf countries that are obvious targets for hackers from around the globe are working diligently with public-sector cybersecurity providers to protect their infrastructure.




Ashraf Koheil, Regional Sales Director META at Group-IB.

The cybersecurity market in the Middle East and Africa is projected to reach $36.2 billion by 2028 at a compound annual growth rate of 10.2 percent over the next five years, according to a new report by MarketsandMarkets.

“Saudi Arabia has been leading its digitization journey by prioritizing cybersecurity,” Mohamed Hashem, general manager for Saudi Arabia and Bahrain at Kaspersky, told Arab News.

This is reflected in the country’s formation of entities such as the Global Cybersecurity Forum Institute and the Saudi National Cybersecurity Authority, which are responsible for the development, implementation and supervision of security strategies.

Since their inception, these institutions have launched many cybersecurity initiatives, including the Saudi Federation for Cybersecurity and National Academy of Cybersecurity.

This year, these initiatives helped the Kingdom to secure second place in the Global Cybersecurity Index in the World Competitiveness Yearbook, a ranking created by the Swiss-based International Institute for Management Development, or IMD.

Kaspersky’s latest reports also show a 1 percent decrease in phishing attacks in Saudi Arabia during the first quarter of this year compared to the same period in 2022.

Hashem believes that the decrease may be a result of proactive steps taken by the Saudi government and organizations to implement strong cybersecurity measures and invest in the right technology to protect their systems and data from cyberthreats.

“However, it is notable that as the boundaries of digitization and technology expand, so does the cyberattack surface, because of new vulnerabilities,” he said.

These vulnerabilities are commonly exploited by cybercriminals, leading to increases in phishing attacks, hacking and online scams.

“Social engineering techniques that thrive on human emotions such as fear, greed, curiosity and excitement are commonly used by cybercriminals to manipulate people,” Hashem said.

He said that phishing, baiting, contact spamming and email hacking are common forms of social engineering techniques leveraged to deceive people and gain unauthorized access to information, identity theft and other personal information.

Phishing attacks involve an email, instant message or SMS message pretending to be from a trusted source asking for information, while baiting involves creating a trap to exploit an individual’s curiosity, commonly through a USB stick loaded with malware or an email offering exclusive deals through an attachment.

While there are sufficient resources and efforts made by regional governments and banks to increase the level of awareness around financial phishing attacks and online scams, gaps in education and awareness still exist.

“The fact that we see more and more of these phishing attacks suggests that they are effective and successful, which means that there is still more work that can be done when it comes to training and awareness,” Renze Jongman, an intelligence enablement manager at cyber defense firm Mandiant, told Arab News.

According to Mandiant’s “Global Perspectives on Threat Intelligence Report,” 44 percent of respondents reported that their organization had suffered a significant cyberattack in the past 12 months.

The report also showed that 98 percent of those surveyed believe that they needed to be faster at implementing changes based on available threat intelligence.

As with any other crime, hacking, phishing and online scams increase in frequency if they are successful, Jongman said.

He said that one of the main factors encouraging cybercrime is the existence of “cybercrime-as-a-service” networks — groups that operate professionally and at scale to facilitate the creation of online scam campaigns.

“Near-impunity or the ability to stay (near) anonymous on the Internet, the scale of the problem and the trans-national nature of cybercrime, make it a hard-to-investigate and hard-to-prosecute crime type,” Jongman said.

He said that cybercriminals operated knowing that there was only a very small chance that they would have to face the consequences of their actions.

Additionally, targeting specific companies or industries allows cybercriminals to zoom in on high-value targets, and espionage actors to collect classified and confidential information on very specific topics, Jongman said.

“After all, people looking for a new job will gladly talk about the work they have previously done,” he said.

However, by proactively monitoring threats such as these, companies can protect both their brand and their customers.

Companies that are most successful in protecting themselves against these threats use threat intelligence to detect and respond to these attacks when they occur.

As a result, these organizations arm themselves with the knowledge of what they are defending themselves against, which allows them to take preventative action.

“Simple things like checking red flags in an email, keeping an eye out for typos in an email or text, or using an antivirus, can be of great help,” said Hashem of Kaspersky. “Ignorance is not bliss when cybercrime overpowers your life online and offline.”