Home Industry Cyber attacks from terrorists ‘just a matter of time’ In the first quarter of 2016 alone, there were 2.2 billion cyber attacks globally by Dean Carroll June 18, 2016 Rapidly evolving threats from cyber criminals and terrorist groups – including ransomware and cryptoware – could result in major attacks on critical infrastructure and industrial systems in the Middle East, according to prominent technology security firm Kaspersky Lab. During a conference in Baku, Azerbaijan, the company’s leading technologists from across the globe gathered to warn governments, corporations and individuals that disaster was just around the corner if secure measures were not put in place. “The most scary attack is cryptoware, which deletes your files and encrypts them without you knowing and then you are asked to pay a fine in Bitcoin to get your information back; the criminals even set up a call centre to tell you how to pay,” said senior researcher Ghareeb Saad. The average ransom companies paid to recover data was said to be $551,000 and it was estimated that white hat security researchers discover 310,000 new computer viruses every day. The 2010 Stuxnet attack on Iran’s nuclear facilities was well known. But senior security researcher Mohammad Amin Hasbini insisted many smaller scale but critical attacks were going unreported by the media – often because organisations did not want the bad publicity involved in revealing a breach. In December last year for example, Ukraine’s power grid was shutdown by hackers and 250,000 people lost their electricity supply for six hours. Just in March and April of 2016, there were attacks on a United States dam, a Korean public transport system, a French hydroelectric system and a Swiss public water system with 2.5 million customers. Major disaster was averted only by chance rather than design. “We got lucky and nobody is aware of these attacks,” said Hasbini. “These things are happening all of the time but you don’t see stories about them in the media. With smart cities, everything becomes reachable; an attack could do real damage.” Hasbini revealed that 295 industrial attacks in the US were reported in 2015, with many more going unreported. Also read: UAE’s IT security spending is not enough – expert In the first quarter of 2016 alone, there were 2.2 billion cyber attacks globally – according to Kaspersky researchers, with 50 per cent of individual internet users facing some sort of hack. The number of attempted breaches was particularly high in Egypt, Turkey and Qatar, while Lebanon was said to be the most secure country in the Middle East. In fact, the number of ransomware attacks in the Middle East rose 15 per cent year on year to 150,000 in the first quarter of 2016. Most infections still came via emails, social networks, websites, routers and USB sticks. Individuals and organisations were urged to keep their chosen browsers, software and operating systems up to date. Best practice also included using an anti-virus programme, adopting strong passwords, enabling the ‘system watcher’ on devices and rejecting the urge to open email attachments from untrusted sources. Some 17 per cent of attacks happened on an Android device, 61 per cent through browsers, 11 per cent by way of Java, 4 per cent via Microsoft Office and 3 per cent through Adobe Reader. So far, terrorist groups have not engaged in major cyber attacks. But a number of Kaspersky staff admitted to Gulf Business that this scenario was inevitable. “It is just a matter of time,” said Hasbini. “The weak link is the lack of awareness both from governments and the contractors they use for public utilities. These are new threats though and everybody is still learning. The attacks are not digital, they are in the physical world and could actually stop people from being able to live their lives; 10 years ago we didn’t have these threats, now there is some new threat every single day.” Gaming and banking systems were also under constant attack from hackers, it was revealed, because “wherever there is money online, you will find cyber criminals,” said Saad. However, most serious of all was the threat to critical infrastructure and public utilities – many of which could be accessed remotely by hackers using a simple login and password. “Unfortunately, in a world where everything is smart not everything is secure,” said senior security researcher Yury Namestnikov. Technology positioning manager Denis Legezo added: “Everything that is online is searchable and vulnerable.” Meanwhile, solutions business lead Matvey Voytov insisted: “Most attacks target money or things that are worth money. But some criminals are looking for intelligence and information. Others might be companies wanting to disrupt competitors or to push an ideological cause.” Kaspersky has 400 million individual users of its product and 270,000 corporate clients across 200 countries. The firm’s chief executive officer Eugene Kaspersky previously claimed he was on a “mission to save the world from cyber criminals.” 0 Comments