Beware: Cyber-crooks now eyeing more of Middle East, Turkey and Africa region

Dubai - Kaspersky Lab's Vienna event discusses main threat vectors affecting businesses in region

Armed with new methods and capabilities, cyber-criminals are targeting financial institutions and banks in the Middle East, Turkey and Africa (Meta) region, Kaspersky Lab experts warned at the recent Cyber Security Weekend in Vienna.
Experts gave an overview of global and regional cyber-threats and security trends, discussed the main threat vectors affecting businesses in the region, particularly organisations from industrial and financial sectors. Special attention was paid to protection of connected devices used by individuals, businesses and governments as part of smart cities.
In 2016, the number of users attacked with banking Trojans increased by 30.55 per cent compared to 2015. In the first three months of 2017 on average 38,000 of Trojan attack (Gozi 48 per cent, Dyre 16 per cent) per month were detected and blocked in the UAE after Turkey's 45,000 (Gozi 32 per cent, Android 12 per cent), according to Kaspersky data.
"In the first quarter of 2017 we saw threat actors turning their attention to wipers, as well as financial crime. Fileless malware has been used in attacks by both targeted threat actors and cyber-criminals in general - helping them to avoid detection and make forensic investigations harder," said Ghareeb Saad, senior security researcher at Kaspersky Lab's global research and analysis team. "The volume of financial transactions and the use of Internet of Things devices in the UAE and the GCC countries have grown, which is one of the main reasons why banks and the end users are constantly being attacked," said Shehab Najjar, head of tne cyber counter-terrorism unit at Cyberpol CIB.
"The UAE is the second-biggest target for cyberattacks in the Meta region after Saudi Arabia in this regard," he added.
In the GCC, the country with the highest number of users (29.7 per cent) affected by Web threat incidents is Qatar, followed by Saudi Arabia (24.2 per cent) and the UAE (23.6 per cent) in the first three months of 2017, Kaspersky Security Network (KSN) cloud service statistics showed.
Algeria was on top in the Meta region with 66.5 per cent of users affected by local threats (malware spread in local networks, by USBs, CDs, DVDs, etc), followed by Morocco (59 per cent), Tunisia (57.9 per cent) and Egypt (52.8 per cent). In the GCC this list starts with Oman (54.6 per cent), Saudi Arabia (53.1 per cent), Qatar (49.8 per cent) and the UAE (47.6 per cent).
The highest numbers of Web threat incidents were reported in the same countries in Africa - Algeria (38.1 per cent of KSN users), Tunisia (32.4 per cent) and Morocco (26.1 per cent) followed by Egypt (23.5 per cent). South Africa had one of the lowest numbers of affected users in the Meta region (46.8 per cent for local and 12.9 per cent for Web threats). The number of ransomware notifications in the region increased 36 per cent compared to the first quarter of last year, and according to Kaspersky Lab experts will continue to grow due to the increased availability in the cyber-criminal ecosystem of ransomware as a service.
KSN registered over two times more banking Trojans (121 per cent increase) than it did in the same period of 2016, while the amount of mobile infection attempts stopped by Kaspersky Lab's products increased 1.5 times.
Saad said that hackers with advanced skills and techniques from around the world and particularly from China and Russia are renting their services and malwares to the hackers in the Meta region to attack local targets. "Usually local hackers in the region do not have that advanced technical expertise and knowledge but with the help of criminals from other countries they can get the malware to attack local networks," he said.
The experts said that while governments are striving towards smart cities, the infrastructure and devices and the IoT could be the targets.
Denis Makrushin, senior security researcher, said that the rise in the use of smart devices in the field of healthcare, security cameras, routers and security locks is leading to them being targeted by criminals.
He says that spreading awareness is the best defence along with the security precautions to keep smart devices and the IoT safe from any potential cyber-threat. So users should activate strong passwords, regularly check for and install software updates and implement appropriate security software on every connected device on the network, including routers. While IoT device manufactures should pay attention to cyber-security at the development stages, and not when their product is already on the market.
The experts said that the prevention is the best option against any potential threats. They advised that users must not expose their personal and financial information to the hackers by using it on unsafe Internet connections or while visiting suspicious sites.
At the event, Kaspersky Lab also announced the renewed Kaspersky Anti Targeted Attack Platform, a solution to detect advanced threats and targeted attacks for enterprises. It blends advanced machine learning algorithms, actionable worldwide threat intelligence and adaptivity to customer infrastructure, to help large businesses uncover the most sophisticated and damaging attacks at any stage of their development.
Andrey Nikishin, head of future technology projects, said that Kaspersky Lab is continuously researching cyber-threat landscape and providing the security solutions to the users against any potential threats.
- riaz@khaleejtimes.com