In the last 15 days, hackers in the Middle East and Africa region have added another sector to the list of their targets in the region. Cyberattacks on healthcare facilities in the region rose significantly over baseline levels during this period. Let us examine the causes and implications of this trend.
Since 2019, we have seen cyberattacks by regional APT groups rise substantially. The primary targets were oil and gas facilities and utility infrastructure including facilities related to water treatment and distribution. These tit-for-tat attacks spilled over into the healthcare sector and now many established healthcare facilities are being targeted in the region.
The common factor in both these segments is the potential for impacting ordinary citizens. As we have seen in the last 6 years, APT hackers often target facilities that can cause maximum disruption. Research by Sectrio has shown that hackers were targeting critical infrastructure through reconnaissance malware. Since most of these attacks went unchallenged within the networks of targeted institutions, hackers were able to gather plenty of information on data flow behavior within networks, security measures, device architectures, connection configurations, and information on privileges.
Hackers used this data along with hijacked smart devices such as web cameras, connected home automation hardware, and connected devices deployed by manufacturers to target high-value infrastructure in the region. We expect such attacks to continue till the fall of 2024. This forecast is based on past cybersecurity measures we have seen in the region.
Cyberattacks will continue to evolve in the meantime. The only way businesses can protect themselves is by investing in the right measures to contain cyberattacks and increase the distance between them and the hackers. These include:
- Developing a more comprehensive understanding of device topology to know what is connected and exactly what it is doing on the network
- Frequent vulnerability scans to detect and address vulnerabilities early
- OT and IoT devices should be checked for CVE vulnerabilities
- Operate with an OT-IoT-IT risk management model that emphasizes early detection and mitigation of threats
- Adopt cybersecurity frameworks such as Zero trust and IEC 62443
- Use micro-segmentation to deploy granular cybersecurity policies as also to prevent lateral movement of malware
- Manage privileges
- Allow all components of the infrastructure to earn trust for connectivity and end-use
- Use the right threat intelligence to identify the latest and relevant threats
We are offering a free OT-IoT cybersecurity assessment slot for select businesses in the Middle East and Africa region at GITEX 2021. Walk into H2-D1 at the World Trade Center or give us your details here to claim this offer.
In case you prefer a more detailed meeting, do reach out to us at info@sectrio.com
