Dubai:
The UAE leads the table in number of malware attacks that spread through corrupted local networks and removable media in the Middle East as the security threat landscape is seeing an increased activity from hacktivism groups that use distributed denial-of-service (DDoS) and web defacement attacks to deliver their political message.
DDoS attack means an attacker sends too much traffic to a server beyond it can handle and the server goes off line.
Although internet-based malware incidents increased in the third quarter of 2013, local threats are still dominating in the Middle East. In turn, the region’s most widespread malware, as detected by Kaspersky Lab analysts, appears to be win32.Sality — a polymorphic virus that propagates using removable media and network shares.
According to the report, 34 per cent of all local malware attacks detected in the region were in the UAE, followed by Saudi Arabia with 22 per cent and Turkey with 14 per cent.
“In general, the security threat landscape for the Middle East region is seeing increased activity from hacktivism groups that use DDOS and web defacement attacks to deliver their political message. Although removable media and local networks are still the primary method for spreading malware in the region, there is an increase in the use of drive-by downloads which exploit vulnerabilities in browsers and their plugins. Android mobile malware is rapidly becoming more widespread in the Middle East, and this is causing companies to have more concerns about adopting a Bring Your Own Device strategy,” said Ghareeb Saad, Senior Security Researcher at Kaspersky Lab.
In the third quarter of 2013, nearly half of Egyptian users (47.8 per cent) suffered from local cyber threats that spread via offline sources – removable USB drives, CDs and DVDs, etc. In other Middle Eastern countries between a third and a half of users suffered similar problems, with the lowest figures coming from Kuwait (33.4 per cent) while Qatar (40.7 per cent) was second behind Egypt, according to a data provided by Kaspersky Security Network (KSN).
Matteo Masserini, sales specialist for managed security services at Symantec, said that cybercriminals continue to device new ways to steal information and users need to use in-depth defensive tools to stay ahead of attacks. Targeted attacks on businesses are growing than ever before and cybercriminals are not going to slow down, he added, for good measure.
“Businesses and government entities only look for security solutions after they have been infected, but by then the damage has already been done,” Moawad said. Every security breach costs on average $3.7 million.
However, Turkey suffered the highest prevalence of internet-based malware incidents — slightly more than a third of its users (34.4 per cent) were attacked by such threats in the quarter, followed by Qatar with (29.3 per cent) and Saudi Arabia (27.4 per cent).
“The rating indicates the user’s online security awareness — there is an obvious correlation between greater understanding of the risks of malicious sites and lower levels of Internet-based malware incidents,” Saad said.
“The visible infections in the region continue to grow year-on-year,” Moawad said. “As we become more dependent on the web, threats will only increase. We must be better protected because the consequences are more than what individuals and businesses can afford.”
Malware spread via social networks (especially Facebook and Twitter) has increased sharply in the Middle East, probably due to the massive rise in social network users in the region – now 88 per cent of the Middle East online population uses social networks daily.
Another reason for spreading malware is to capitalise on interest in the volatile political situation in the region – by creating fake links to political news and videos, criminals can direct users to malicious websites to exploit vulnerable browsers and download malware.
