MUSCAT, Oct 19
Cybersecurity researchers have kept a close eye on the MENA region for Advanced Persistent Threat (APT) and have worked on 68 investigative reports related to 29 cyber gangs actively targeting the Middle East since the start of the pandemic in 2020
Kaspersky researchers issued 49 threat intelligence reports as a result of investigations associated with cyber-attacks on the United Arab Emirates, which is the most number of reports coming out of all the Middle Eastern countries. The second highest is Saudi Arabia with 39 reports followed by Egypt with 30 reports. Kuwait and Oman followed suit with 21 reports each, while Jordan had 20 reports. Other investigative reports issued were from Iraq, Qatar and Bahrain, which had below 20 reports from each country.
The Middle East region has always been a hotbed of such targeted attacks due to geopolitical factors. The highest number of APT attacks primarily targeted governmental agencies: Government institutions where the most targeted followed by Diplomatic institutions, Education and Telecommunication institutions. Other targeted sectors on the list include Financial institutions, IT Companies, Healthcare, Law firms, Military and Defence. Some of the notorious APT groups investigated are the Oilrig, WIRTE, Lazarus and Sofacy.
Amin Hasbini, Head of Global Research and Analysis team for Middle East, Turkey and Africa at Kaspersky commented: "Our reports are the product of their visibility into the cybersecurity landscape and promptly identify what poses a threat. We use these insights to of course alert the concerned organizations on time and provide them with the protection as well as intelligence needed against both known and unknown threats. As companies move towards digitisation especially due to the pandemic, it is more important now than ever before to know about the threats that are constantly evolving.”
Advanced Persistent Threats (APT) attacks as the names suggest are ongoing threats that are active for years on end. Evaluating these attacks allows cybersecurity teams to make connections and try to measure the motivation behind why these attacks took place. It also helps teams to calculate what the attacker’s next moves could be and accordingly take the necessary steps to protect themselves against future incidents.