Abu Dhabi: Cyber-attacks have mostly targeted the banking sector, including the ATM and Internet banking applications, in the UAE, a report published in the January issue of 999 Magazine, the official English monthly of the Ministry of Interior, revealed.
The banking sector topped the list with 35 per cent share of attacks, while the remaining 65 per cent were launched against the government’s e-services, telecommunication systems, and educational institutions’ systems, according to Lieutenant Colonel Yasser Mohammad Al Wahabi, E-Infrastructure Director, General Directorate of E-Services and Telecom, UAE Ministry of Interior.
To address this problem, most of police general headquarters in the UAE have established cybercrime and organisational security units. They also have computer forensics teams that specialise in obtaining, recovering, examining, analysing, and presenting electronic evidence stored on computers or other electronic devices.
“The assigned role of a cybercrime unit includes investigating all types of crimes committed against and by means of computer data and systems,” Al Wahabi said. The units’ tasks include investigation, collection of data and forensic analysis, contribution to drafting national legislation on cybercrime, contribution to defining a national cybercrime strategy, defining internal procedures and implementing training and awareness programmes.
According to the 999 report, the very nature of cybercrime has changed from lone individuals trying to rattle the system, cyber criminals are now extremely well-organised, well-connected and well-funded groups. Online crime is no longer only about stealing people’s money and identity, though these remain the most common and lucrative scams. Cybercrime syndicates are now capable of launching debilitating attacks on entire defence systems and national infrastructure such as air traffic control.
Major Rashid Ahmad Lootah, Director of Electronic Evidence at the General Department of Criminal Evidence and Criminology in Dubai Police, and a member of Ministry of Interior’s Child Protection Committee said several challenges came to light in the advent of new technologies.
Smartphones that store data, access the Internet and are often used in wi-fi environment mark the next stage in the evolution of cybercrime. These phones are one of the key focus areas for police forces in the UAE.
Lt. Colonel Awadh Saleh Al Kindi, Editor-in-Chief of 999, said: “Cybercrime has become a world war of our times. The total global volume of cybercrime in 2011 was $388 billion, and in 2012, consumer cybercrime alone caused losses of $110bn. In the UAE, experts estimate that three-quarters of Internet users in the country will become victims of cybercrime. Of that figure 75 per cent of the hacking is slated to happen around our bank accounts. And only one out of 10 is estimated to have installed anti-virus software on mobile phones.
“The criminals target everything from your money to your identity to the infrastructure that keeps a nation working. The UAE has taken the lead in cyber defence in the GCC, but much more needs to be done, starting with the individual consumer, which is you. Protecting your personal data should be one of your top resolutions for 2013.”
Cloud computing has also become an ideal target because of its reliability and scalability. “By using a stolen credit card to purchase a virtual storage in the cloud, an attacker can exploit highly refined and rapid virtual servers to breach encryption algorithms,” Lootah said.
Social networking, too, has become a playground for criminal minds due to its ability to store big amount of private data. Blackmail, identity theft, impersonation and misinformation are just some of the acts committed through this medium.
The Norton Cybercrime Report 2012 takes note of how criminals are targeting people through their phone usage. The survey shows that one in five online adults (21 per cent) has been a victim of either social or mobile cybercrime.
The cost of online fraud to UAE residents in the 12 months till September 2012 was more than Dh1 billion. Large though that figure is, it is less than half the losses caused by cyber criminals in the preceding 12 months, when the number was Dh2.3 billion. Both of these figures were published in the Norton Cybercrime Report for 2012 and 2011, respectively, and they indicate a positive trend: cyber defence is getting better, even as the criminals come up with newer ploys.
The UAE has been tightening its cyber security net, becoming a leader in this area, not only in the Gulf, but globally, too. The country takes cyber security so seriously that it was No. 1 in the GCC and No. 4 worldwide in 2012, in the report issued by The International Institute for Management Development, Switzerland a huge achievement, as the UAE leapt up 31 places from its No. 35 position in 2011.
In November 2012, the UAE passed a new cyber law that has brought under its purview a number of new-age information technology threats: spread of terrorist messages; online prostitution, pornography and human trafficking; illegal fund transfer; and attempts to destabilise the state. The law also seeks to protect people against one of the most common forms of online fraud: theft of bank account numbers and passwords through ‘phishing’ (fake) sites.