UAE, Saudi Arabia prime targets for cyberattacks - Microsoft

Microsoft's chief security engineer says vast majority of attacks are easily prevented using simple steps.
UAE, Saudi Arabia, Tech, Hacking, Vulnerability, Cyber, Security, CYBERSECURITY, United Arab Emirates, Business


The GCC remains a lucrative target for cybercriminals, particularly those using “botnets” which allow hackers to remotely take control of devices, often without the knowledge of the device’s owner, according to Microsoft.

In its latest security intelligence report, the GCC makes up nearly 11.4% of the Middle East’s total bot population, with the Saudi capital of Riyadh itself accounting for 43.1% of bots in the region.

According to the data, Dubai was ranked as the second most bot-infected city in the GCC, with 24.7% of bots.

Statistics show that while increased awareness and investment in cybersecurity saw attacks decline in the first half of 2018, cyber criminals still managed to steal close to AED 4 billion from victims in 2017.

Speaking to Arabian Business in Dubai, David Weston, Microsoft’s principal security engineering manager, noted that while security is improving and the number of cybercriminals is believed to be decreasing, they are becoming increasingly sophisticated.

“The actual number of attacks we are seeing is dropping linearly, year on year we are seeing less and less,” he said.

“You can see that in the price of a weaponised exploit [used by hackers], which has skyrocketed, to hundreds of thousands or millions of dollars. That’s representative of the scarce supply of people who can turn a vulnerability into something that would work [for a hack].”

Weston added that, in the case of Windows, “the protections we are putting into the platform represent a whole different level of skill.”

“When I started in security, you could probably learn to write an exploit within a weekend…now we’re talking months or years of investment to even implement that,” he said. “That limits the amount of people who can do it….but my assumption is that the attack community as a whole though is that it’s better than it’s ever been.”

Weston added that the most common cyber threats, however, are not from highly sophisticated attackers, but through relatively simple attacks accomplished through social engineering – such as sending a phishing e-mail with a malicious attachment – or through poorly secured cloud apps.

“The vast majority of attacks are easily prevented, one way or another.  There are practical solutions. Phishing and social engineering are massive attack vectors,” he said. “There are many things, including user education. Other things we see are running out of date software, that’s a big gotcha.”

Editor's Choice

Mobiles, not mummies: CommsMEA goes to Capacity North Africa in Cairo, Egypt
What went down on our first visit to the Egyptian capital.
Society on the move: Dr Nuria Oliver on how data – and mobile phones – can make the world a better place
Data can help lift up society and make the world a better place, says Dr Nuria Oliver. And a key part of that: mobile phones.
From the mag: how Liquid Telecom is building Africa’s digital future
A lot of organisations may talk about helping to deliver the digital future for Africa. But you’ll have a hard time finding one more fully dedicated to that mission than Africa’s own Liquid Telecom. Group Chief Operating Officer Ahmad Mokhles discusses how it’s achieving that, and what the implications for society – not only in Africa, but around the world – could be.

Most popular

Don't Miss a Story