Government is top target for malware in H1 says FireEye
FireEye Advanced Threat Report shows government is focus of attacks in EMEA region
Security company FireEye has warned that the government sector was the top target for malware in the EMEA region in the first half of the year.
According to FireEye's Advanced Threat Report, nearly 20% of all malware recorded by the FireEye Dynamic Threat Intelligence (DTI) cloud, and over 15% of advanced persistent threats in EMEA were targeted against government organisations. Saudi Arabia experienced the second highest number of malware attacks in the EMEA region, accounting for 11% of the detected total. Malware attacks nearly doubled between January and June 2015 in EMEA.
In the GCC region, Government, Education and the Finance sector were the most targeted verticals across the GCC region. The three verticals alone counted for almost 92% of the attacks.
Ray Kafity, vice president for the Middle East, Turkey and Africa (META) region at FireEye commented: "FireEye sees a continuing trend of advanced attacks against organisations in the Kingdom of Saudi Arabia. We believe that Cyberspace is reflective of developments in the real world, and the latest Advanced Threat Report evidences just how heightened digitization and increasing connectivity across the GCC is seen as a lucrative opportunity for cyber criminals.
"In the face of increasing attacks, regional governments and enterprises need to prepare an effective and cohesive cyber defence strategy that minimizes the risk of infiltration and the theft of valuable data and intellectual property."
Attacks against government are mainly carried out by financially-motivated hackers, FireEye said, who are looking for sensitive data. Central agencies and institutions that maintain citizens' data, like departments of revenue, are likely particularly at risk, due to the potentially valuable information stored on their networks.
Organisations in EMEA are almost certain to face cyberespionage risks from state-sponsored or state-associated threat actors working for or in association with nation-state governments. Attacks may also target local government first and then use these compromised systems to attack central government. The most prevalent threat in the first half of 2015 within the government sector was the Kaba backdoor, which has been seen in use by a number of Chinese advanced persistent threat (APT) actors.