New Mimecast report reveals steady increase in malicious files in GCC

There was a 93 per cent increase in malicious files detected between March and April when GCC countries went into lockdown, a new report by cybersecurity firm Mimecast says.

There has been a steady increase in malicious files every month since then, the report, Arabian Peninsula as a Cyber Innovator and Associated Cyber Risk to Resilience in the Region, adds.

The research finds that spam remains the most prominent vector across all sectors throughout the region. Malware-centric campaigns have been observed to continue quarter-over-quarter. And as observed in previous threat research by Mimecast, these campaigns are increasingly sophisticated and continue to use a diverse range of malware during the different phases of an attack. In terms of most targeted verticals in the GCC, between February and August, Mimecast researchers found that the most targeted sectors were professional services; transport, storage and delivery; and retail and wholesale.

Read: Kaspersky signs MoU with Zayed University to boost cybersecurity training in UAE

The report also highlights how threat actors are recycling tried and tested methodologies. Given the evolution of threats illustrated, the Mimecast Threat Intelligence Centre assesses that the range of threats encountered is likely (≈55 per cent – 75 per cent) to continue to both increase in volume, and become more sophisticated the longer the pandemic remains a subject of significant concern to the global community and as organisations return their respective workforces from remote-working.

“As the world navigates a new normal, opportunistic threat actors continue to use a combination of attack methodologies to target vulnerabilities,” said Jonathan Miles, head of Strategic Intelligence at Mimecast.

“These findings put the spotlight on the growing threat activity in the region, placing emphasis on a multi-layered approach to security. Organisations need to implement a cyber resilience strategy with due consideration given to protecting an organisation at its perimeter, inside the network and beyond the perimeter, by protecting its brand from exploitation,” Miles added.