Ever since the start of the pandemic, organizations in the UAE have been at the receiving end of many cyber attacks. This bombardment of cyber attacks can be attributed to the sudden transformation to remote work culture. Organizations’ compromised IT security infrastructure was a result of working from remote locations. Cyber attackers have tried to exploit this opportunity to the fullest.
The cyber attacks have been targeted at the financial sector in particular due to the potentially valuable data that can be fetched through such attacks. The attackers have thoroughly misused the vulnerabilities arising through the use of VPNs.
This is because VPNs have been widely used by employees for remote working. They use these vulnerabilities to coax an employee into giving away his/her corporate credentials and gain access to a network. Cyber experts believe that phishing attacks will continue to cause havoc even after the pandemic ends. Phishing has been one of the most used attack vectors during this period because of remote working.
Recently, the attackers have also used WhatsApp for phishing attacks in the UAE. A successful phishing attack results in the blocking of the victim’s WhatsApp account. Moreover, the contacts of the victim start receiving the same message.
A 2020 cyber crime report published by KPMG revealed that businesses are expected to invest heavily in cyber security. But no level of cyber security infrastructure is good enough if there is no awareness among the employees of the organization.
Awareness and Action
The average time for companies in the Kingdom of Saudi Arabia and UAE to detect a data breach is 269 days. A report published by Ponemon Institute in 2020 brought this fact to the fore. A cyber attack can cause valuable waste of time and money.
Therefore, it is best to prevent it from taking place. Modern technology cannot guarantee complete security until and unless the employees are aware enough to detect an attack. The problem starts with manual error or negligence.
The Central Bank of the UAE (CBUAE) conducted a real-time cyber attack simulation exercise. This was done to test the preparedness and resilience of the country’s banking sector against any potential cyber threats. In addition to this, the UAE Banks Federation is also using the medium of webinars to promote best practices in data privacy and protection.
Solutions Against Cyber Attacks
When it comes to the security of organizations, some of the following ways can go a long way in preventing cyber attacks-
- Check for cyber vulnerabilities in the organization by conducting periodic VAPT.
- Restrict or ban the use of removable media in the organization as that can be used to insert malicious content in the systems.
- Encourage employees to use strong passwords and restrict any sharing of such passwords within or outside the organization.
- Back up all the sensitive information/data offline from time to time. This can limit the damage from an attack.
- Limit the access to sensitive information to a very few employees.
- Update software from time to time and remove dormant software and hardware to minimize the risk of corruption.
- Run a cyber attack simulation attack campaign to assess the level of cyber awareness in the organization. Awareness training tools like ThreatCop can be used for this purpose.
- Secure the organization’s email domains with authentication protocols like DMARC, SPF, and DKIM. Anti-spoofing and domain-monitoring tools like KDMARC can help you monitor all three of these email authentication protocols.
- Implement multi-factor authentication.
The economy of the Middle East region is a fast-growing one and as businesses grow, so grows the threat looming over them. Cyber attackers have developed new methods to extract as much as they can from the exposure of businesses to the internet.
Today, organizations run the risk of losing substantial amounts of resources to cyber attacks and this can be weighed against the ease of business the internet provides them. However, this risk can be minimized to optimize the positive outcome.
Click the button below to secure your email domain against spoofing for FREE with KDMARC!