UAE sees 400% increase in share of global targeted cyber-attacks: Symantec
Surge noted, despite improvement in threat-profile rating
The UAE's share in the world total of advanced, targeted cyber-attacks has increased 400%, despite an improvement in the country's threat-profile rating, according to cyber security company Symantec.
In Symantec's analysis of countries' Internet security threat profiles, the UAE's 2014 world rank stood at 49, compared with 47 in 2013. While the change reflects a lower number of source-based security threats, including malicious code, spam, phishing hosts and bots, the number of targeted attacks against UAE entities increased during this period from less than 1% of the global total in 2013 to almost 5% in 2014.
Cyber-villains are using advanced new methods to evade detection and hijack corporate infrastructures with impunity, according to Symantec. In volume 20 of its Internet Security Threat Report (ISTR), the company warned of a "tactical shift" among the cyber-attack community.
"Attackers don't need to break down the door to a company's network when the keys are readily available," said Hassam Sidani, regional manager, Gulf, Symantec. "We're seeing attackers trick companies into infecting themselves by Trojanising software updates to common programs and patiently waiting for their targets to download them, giving attackers unfettered access to the corporate network."
The UAE's ranking for network attacks deteriorated, from 53 in 2013 to 48 in 2014, and Web attacks also worsened, from 60 to 50. When compared to the threat profiles of the top 10 countries analysed in the Middle East and Africa, the UAE remained unchanged from 2013 with a ranking of 7.
Similar to 2013, the top industry in the UAE for spear phishing campaigns was finance, insurance and real estate, where 40% of all incoming emails were targeted attacks. The smallest organisations with workforces under 250, experienced the highest volumes, at almost 89%.
Continues on next page>>