MUSCAT, JULY 15 – Cyberattacks targeting Omani government networks surged to a staggering 880 million in 2017, according to the Information Technology Authority (ITA), the frontline agency tasked with, among other things, overseeing information and cybersecurity in the Sultanate. The figure represents a roughly three-fold increase over the 2016 tally of over 279 million cyberattacks, underscoring the magnitude of the threat that networks operated by the government, and indeed other public and private entities, face in Oman.
A key part of the ITA’s mandate is to provide a “secure environment” for users of information systems and electronic devices — a task rendered by two units: the Information Security Division, which is responsible for the security of government entities, and Oman CERT (The Oman National Computer Emergency Readiness Team), which oversees the security of Oman’s cyber space. Services provided by the Information Security Division include: networks and portals protection, Internet access security, end-point security, information security operations, security assessment and IT security consultancies. OCERT, on the other hand, “addresses the issues of cyberthreats and risks and hence the provision of a secured cyber environment in using online eServices and the protection of critical national information infrastructure”.
Attacks targeting government websites were marginally down to 1.411 million cases in 2017, down from 1.745 million in 2016, the ITA noted in its 2017 Annual Report. In all of the instances, the attacks were successfully thwarted, the regulatory authority said.
Government networks also faced a barrage of attacks from spyware, malware and other viruses during the year. As many as 1,859 spyware threats were successfully detected last year, down from 6,416 a year earlier. Viruses and malware, however, skyrocketed to 11,370, up from 7,824 cases in 2016. Also last year, over 500 security incidents of a significant nature were “detected and handled”, according to the ITA.
A total of 44 government sites and 14 web portals were secured as well. The detection and handling of security incidents within five working days — a key performance indicator — was pegged at an impressive 96.5 per cent.
OCERT in particular was credited with several achievements in the form of technical security support and information security awareness in 2017. The agency successfully uncovered and thwarted 44,340 attempted cybersecurity attacks targeting Oman’s cyber space last year. This compares with 16,118 real and serious attacks reported in 2016.
In addition, 2,459 real cybersecurity incidents were brought to the attention of the ITA by the government, critical national infrastructure organisations, and the public in 2017 – all of which were successfully handled.
Further, a total of 626 malware infections were diagnosed by OCERT’s Intelligence Gathering System from the analysis of millions of attempted cyberattacks on Oman’s cyber space.
Importantly, OCERT handled as many as 172 digital forensic cases involving the examination of 877 pieces of evidence including computers, mobile phones, external hard disks and USBs that were used in the commission of cybercrime in Oman. Oman’s growing success in fighting cybercrime has earned it a coveted 4th place in the global Cybersecurity Index, and 1st place regionally.