The Gulf Countries, Especially Qatar in the Age of Cyberattacks
Cyberthreats are happening even in the Gulf countries, especially in the isolated state of Qatar. A few months ago, other countries in the Gulf have severed ties with Qatar, but the country remains prosperous without any visible negative effects. However, the Cyberdefense of companies operating in the country leaves a lot of holes for cyber attacks. In fact, now only in Qatar, but for the rest of the Arab countries in the middle east region.
Cyber attacks against Gulf countries has increased, a survey released last May 2018 a 41% appearance of cyber defense issues against middle east-based companies. This number is larger than 46% compared to the statistics two years ago, in 2016. Firewalls that remained un-updated became liabilities instead of an asset in the fight against hackers, this is a gap that could have been controlled by system admins as top vendors of networking hardware issue regular firmware updates every time a vulnerability is discovered.
“The evolving cyber threat landscape worldwide and here in the region requires that governments and individuals prioritize taking adequate measures to safeguard themselves from attacks. This requires identifying loopholes hackers can exploit across the entire supply chain. At the same time, governments and organizations must invest in robust cybersecurity measures or risk attacks that could compromise their entire operations,” said Ziad Nasrallah, Booz Allen Hamilton MENA’s principal.
Here are the risks that Qatar and the rest of the Gulf countries are facing:
Creating cybersecurity panic during world events
Contrary to the knowledge of common folks, world sporting events like the Olympics and FIFA World Cup are always attractive for cybercriminals. Previous hosts of the mentioned sporting events invested a lot for credible cyber defense compared to the everyday governance of a country. In 2022, Qatar will be hosting the World Cup, and it is highly anticipated that cybercriminals are already setting their sights on the weaknesses of the contracting companies that will make the sporting event happens.
Spread of ransomware, to lockdown company data
Qatar is aware how damaging ransomware is, to a point that even its Ministry of Transport and Communications’ Qatar National Information Security Center issued guidelines on how companies should better protect themselves from being locked out of their own files. Ransomware is very profitable for cybercriminals, WannaCry alone in 2017 earned an estimated $4 billion worth of ransom before its command and control servers were physically shut down by authorities.
Weak government agencies and private sectors who skip on acquiring credible cybersecurity defense.
Gulf states should start increasing the cyber defense spending. Country’s borders when it comes to the Internet is porous compared to a real-life border. The weakness is within the confines of networking hardware. A non-updated firmware is a problem waiting for trouble to happen anytime.
Pressures from hacked cryptocurrency platform
Cryptocurrency is a main instrument to bypass authority figures, facilitating money laundering, which fuels cybercriminals.
Vulnerability attacks against vendor’s app
Companies don’t develop all the apps they use. Most of these apps are installed and maintained within the lifetime of the software. Unfortunately, due to growing dependence on the software, many companies refuse to update. Not all updates are beneficial, as key features can be removed by the vendor without any warning. It is a double-edged sword, as updating may lose a mission-critical feature, while not updating opens the risks to hacks.
Anti-supply chain malware
If a company has a credible cybersecurity defense strategy, the other way to bypass it is through its suppliers. A weak supplier also means weak cybersecurity as a whole, suppliers also need to conduct a cyber audit to find out the weakness in their IT infrastructure
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.