Can regional firms afford cybersecurity breaches amid virus concerns?

It is not every day that we see news headlines that look like they’ve been pulled from sci-fi film scenes. This year has truly obscured the lines between fiction and reality as we continue to battle invisible threats, both from a coronavirus pandemic and from cybercriminals.

Unlike movies though, which often depict cybercrime as a battle between good and evil, where mastermind hackers alternate between taking down and restoring systems as part of a major plot, the truth is that cybercriminals aren’t always antagonists with a cause – most can execute successful attacks with minimal knowledge and a basic motivation to steal.

After all, cybercrime is forecast to cost the world about $6 trillion by 2021 according to the Global Foundation for Cyber Studies and Research.

Closer to home, a 2020 study by the Ponemon Institute found that the cost of a data breach in the UAE and Saudi Arabia has risen by 9.4 per cent over the past year, costing companies in the region $6.53m per breach on average, markedly higher than the global average of $3.86m per breach.

The successful implementation of digital initiatives in the Middle East region has always brought with it increased exposure to cyber threats. The UAE, in particular, ranks among the most targeted countries in the world for cybercrime due to its position as a regional hub for commerce and tech.

However, the overnight shift of millions of workers from on-site to remote work in response to the Covid-19 outbreak has drastically expanded the attack surface, luring cybercriminals and hackers to capitalise on the work-from-home disruption and confusion, and sheer volume of new target opportunities online.

In April, the Dubai Financial Services Authority (DFSA) cautioned the financial services community and members of the public about an increase in scams and other fraudulent activity since the onset of the virus.

Meanwhile, the UAE’s Telecommunications Regulatory Authority said its National Computer Emergency Response Team foiled more than 100,000 cyberattacks against just federal government’s entities in the month of June.

A report released just last week by CrowdStrike worryingly showed that in the first six months of 2020, there were more than 41,000 hands-on driven intrusions on their install base, up from 35,000 for the whole of 2019.

A hands-on intrusion is when attackers actively explore compromised systems instead of just relying on scripts and automated tasks. This makes them more challenging to identify, and also indicates that the attacker has an incentive worth the additional time investment of a manual attack.

All of this gives cause for concern to grow, especially as we are now six months into the remote working life. The biggest problem we see is companies still playing catch up to secure their remote access while cyberthreats continue to multiply. Many businesses have failed in securing their assets because their digital transformation was focused on functionality and overlooked security.

Far from film narratives, this is not just a challenge for governments, financial institutions and giant corporations either. Anyone can fall victim – and as the threat landscape broadens, no sector or size of business is immune.

Hospitals, universities, e-commerce platforms and even SMEs are all targets for criminals looking to take advantage of vulnerable systems that are exposed online and improperly protected.

Improving cyber resilience can minimise the potential losses an organisation faces from cybercrime, but the risk is not only a financial one, as reputation, trust and operations can all be jeopardized.

Even with strained IT budgets and CIOs being told to do more with less, the growth of Covid-19-related remote working means businesses simply must invest in their security or risk serious business disruption.

As most organisations are now learning the hard way, the main foundation behind a successful digital transformation is having strong security in place and they can no longer risk running in reactive mode.

After all, can you really afford an attack in the middle of a pandemic?

Nicolai Solling is the chief technology officer at Help AG, the cybersecurity arm of Etisalat Digital