As per Sectrio’s Threat Landscape Report for H1 2021, Cyber-attacks on Middle Eastern entities continued to rise this year with more cyberattacks logged from 5 known clusters outside the region targeting critical infrastructure, manufacturing, utilities, and oil and gas sectors.
Most of these attacks were characterized by:
- An exponential increase in the degree of sophistication
- A strong geopolitical connect
- The timing of the attacks was designed to coincide with major offline events including the onset of holidays, reopening of offices, and even government to government discussions
- Malware deployed in the region showed higher levels of new codes and segments indicating that the hackers may be working towards exclusively targeting entities in the region or using the region as testing grounds
- Attacks on manufacturing registered a 200 percent rise
- New APT clusters have sprung up within the region and are now targeting strategic sectors of the economy in countries like Saudi Arabia, UAE, and Oman
The level of activity associated with regional and external APT actors continues to be a source of concern. Some of these players are also collaborating by exchanging information on vulnerabilities and privileges some of which seem to have come from rogue insiders. There is also evidence for an increase in the number of dead drops (data willingly and illegally released by disgruntled insiders) across the UAE, Bahrain, Kuwait, and Oman.
Download the Global threat landscape report for H1, 2021 today
Attacks on oil and gas entities and manufacturing sectors continue to rise disproportionately. Through infrastructure optimization measures, many new devices and systems were introduced into the networks of companies in these two sectors across 2020 and 2021. These devices are introducing new vulnerabilities into the system and creating opportunities for large-scale breaches to occur in the future.
Key takeaways from the global threat landscape report for the Middle East region:
- Businesses need to do a lot more to detect and address vulnerabilities and rogue insider activity
- OT cybersecurity is not getting as much attention as it should. Businesses should look at identifying a credible OT security vendor like Sectrio to address challenges related to OT, SCADA, and ICS security
- The window of opportunity available for hackers to exploit has expanded since the pandemic began. The data stolen from businesses in the initial days of the pandemic continue to appear on the Dark Web and other forums
- Several vulnerabilities have emerged in 2021 chiefly due to a lack of discipline with patching and deploying updates
- IoT security took a back seat because of the availability of cheaper and untested devices
- Businesses need to urgently revisit their cybersecurity posture and work towards adding more layers of security to protect their infrastructure
Worried about your cybersecurity posture, talk to us and we will help you address challenges related to OT and IoT security. As a leading IoT and OT cybersecurity vendor, Sectrio has the solutions and consulting expertise to help. Talk to us today.