Check Point Software: “We are now experiencing a ‘ransomware pandemic’”

Financial and banking firms in the UAE are targeted by up to 407 cyber-attacks per week, says Check Point Software’s latest threat intelligence report

Organisations in the UAE have been targeted by cyber-attacks 295 times per week on average over the last six months, according to Check Point Software Technologies’ latest threat intelligence report.

The study revealed that the most impacted industry is the finance and banking sector with 407 weekly attacks per organisation, followed by hospitality and the retail industry with 118 and 107 weekly attacks respectively.

The cybersecurity firm pointed to increased use of mobiles during global lockdowns as the driver behind growth in banking and information-stealing mobile Trojans. It said that most organisations had at least one employee download a malicious mobile application, which threatens their networks and data. 

The most common vulnerability exploit type in the UAE was Remote Code Execution, which impacted 62% of businesses. Information Disclosure vulnerability exploits impacted around 59% of organisations.

The report also highlighted that Trickbot has been the most prevalent malware in the UAE since the beginning of the year, impacting 14% of organisations as of June 2021, with a global impact of 7%. Trickbot is a botnet and banking trojan that steals financial details, account credentials, and personally identifiable information, and can also spread within a network and drop ransomware. Meanwhile, xHelper, an Android malware that mainly shows intrusive popup ads and notification spam, has taken the second spot, impacting 4% of organisations, as Floxif makes its way out of the list in June.

Ram Narayanan, Country Manager, Check Point Software Technologies, Middle East, said, “Today’s security landscape is more complex than ever before. With cyber threats becoming more strenuous to determine and remediate, having a complete view and understanding of the network can prevent cyberattacks. We are now experiencing a ‘ransomware pandemic’ and see attack after attack dominate headlines. Hackers have gone after businesses across industries, and I believe that it will only get worse. It is safe to say that ransomware is now one of the largest national security threats we face. Apart from ransomware, we are also seeing a huge surge in the number of cyberattacks like phishing and malware attempts. Businesses need to be aware of the risks and ensure adequate solutions are in place, but also remember that attacks cannot only be detected, they can also be prevented, including zero-day attacks and unknown malware. With the right technologies in place, even the most advanced attacks can be prevented without disrupting the normal business flow.”

Check Point Software’s Threat Intelligence Report is based on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cybercrime which delivers threat data and attack trends from a global network of threat sensors; from Check Point’s research investigations over the last 6 months; and on recent survey reports by Check Point of IT professionals and C-level executives.

Commenting on the findings of the report, Satya Gupta, Cofounder and CTO of application-aware workload threat protection provider, Virsec, said, “In Check Point’s new report on the UAE threat landscape, the most common vulnerability exploit type was Remote Code Execution (RCE), which impacted 62% of businesses. This finding is not surprising. From an attacker’s point of view, RCE vulnerabilities in a workload – a workload is typically any program or software that runs on a computer – are the gift that keeps on giving, in countless attacks, not only in the UAE but across the globe. Metaphorically, RCE vulnerabilities are like the rocket that launches the ransomware warhead (like LockBit, DarkSide, REvil, Sodinokibi, etc.). Most recently, the RCE class of vulnerability was used in the highly publicised SolarWinds supply chain attack and the Hafnium hack of the Microsoft Exchange server. Very early protection against RCE attacks during runtime is essential for effective enterprise protection.”