You go online, start shopping on on E-commerce site or open an online banking account with your financial institution, and a week later you find abnormal purchases made through your card or paid service signups under your name. This is not a scene out of “Blackhat”, or a once in a year turn of events, this is a reality an increasing number of people in the Middle East, and the GCC specifically, encounter everyday.
The number of malicious attacks, identity theft, online fraud and personal data leakage has been on the rise for the past few years, partly driven by the online revolution the Middle East has been subject to. From the ever increasing number of E-commerce websites, to the proliferation of online banking and internet penetration, we are more exposed than ever to the dark side of the internet.
When we talk about cybersecurity, we’re not only concerned with the major cyber attacks on infrastructure, multinationals or sensitive facilities (the case of Stuxnet, Shamoon and the Sony hack are clear examples, the recent OPM Hack in the US stands out) although they are of primordial relevance, but we’re concerned with the day to day cyberattacks that cost the private sector billions of dollars over the years. The governments are well equipped, or at least better equipped, than midsize companies or corporations, which leaves the public at a greater danger of falling victim to malicious attacks given how little informed it is about the fragility of our cybersecurity landscape in the Middle East.
VUL9 Security Solutions, a cybersecurity company focusing on helping firms in the region build stronger cybersecurity defence mechanisms and remediating vulnerabilities in their systems, helped us better understand how fragile cybersecurity measures are within institutions thought to be at the vanguard of security and data protection. Whether it is banks or technology giants, VUL9 has seen it all, and from their accounts, it is hard not to fall into a state of paranoia given how little protected our online data is. To illustrate their case, VUL9 cites several large GCC based institutions, from ISPs to E-commerce giants, that turned out to be fragile when it comes to cyber threats. With customers and operations running in the millions, and a A-team of employees carefully selected, one has little doubts about the private sector’s giant ability to install a state of the art cybersecurity infrastructure, yet, the team at VUL9 managed to find a plethora of vulnerabilities in the sites and networks of billion dollar companies across the MENA region, sometimes going as far as leaving huge databases exposed. These critical vulnerabilities potentially pose an immense risk to the users’ privacy and the safety of sensitive information and trade secrets, and is a testimony to how little prepared Middle Eastern companies are in terms of IT security. Hackers, in this case motivated by the appeal of financial gain, or competitors seeking to impede their adversaries’ operations, could easily make use of the vulnerabilities and generate site malfunctions, sensitive data theft or losses running in the millions of dollars.
The good news is, growing concerns about cybersecurity in the region have materialised into increasing expenditures on IT security services. The cybersecurity market size in the Middle East is expected to grow into a $9.5 Billion business by 2019, up from the current $5.2 Billion figure. Saudi Arabia and the United Arab Emirates remain the targets of choice for foreign hackers given the high internet penetration and large economic activity these countries boast.
The efforts to fight against cyber attacks of all sorts are primarily driven by governments given their growing national security concerns, especially at times where tensions are high and where conventional warfare is increasingly replaced by cyber-warfare given its low costs, high impact and anonymity premium.
If you thought you were adequately protected and safe online, you may want to think again!
Photo Credit: BBB.com