Boardrooms need to direct action on cyber threats

To decipher the sheer scale of these growing risks, we have to breakdown the threat actors’ intentions. In our latest semi-annual “Cybersecurity Report”, we examined several recent headline events, detailing identified intrusions to determine and categorise the types of attacks towards the UAE’s critical infrastructure sector.

The premise for the surge in attacks comes down to the fact that the UAE is an attractive target. More concerning, many of these attacks often go undetected, as many organisations today are lulled into a false sense of security.

Cyberattacks are often performed as part of a wider campaign targeting susceptible targets. Driven by a common objective, campaigns can be instigated by nation-states or organisations that exhibit common behaviours, characteristics, and actors. This overall package forms the basis of an “intrusion set”.

We found that 75 per cent of cyberattacks appear to be motivated by cyberespionage, with the remaining threat actors categorised as an intent to sabotage.

For example, the motivation of an intrusion set known as Shamoon 3 appear to be driven with the intent of sabotage. As a data-wiping malware, Shamoon 3 employ “wiper” tactics that are considered to be used to support nation-state interests instead of financial gains. With a focus towards the oil and gas sector, Shamoon 3’s threat outline poses great harm to the economic strata of the UAE, especially given the fact that this sector is of high strategic importance.

On the contrary, DNSpionage is an intrusion that appears to act with the aim of cyberespionage. It has affected at least 28 organisations in various Mena countries, the UAE included, by enticing victims with fake job vacancies on malware-hosting websites. By employing a malicious DNS-hijacking technique, it redirects the target organisation’s traffic to an attacker-controlled infrastructure.

Overall, these attacks commonly support intelligence collection operations.

We can expect critical infrastructures of nations to remain highly vulnerable and exposed to these widespread threats, of which cyberespionage is the biggest motivator and sabotage a clear and ever-present danger. As the risk of these threats continues to rise, it is important for business leaders to adopt a governance approach to elucidating the value of cybersecurity within their organisations.

Despite the prominence of cyber risks across the globe, there remains a disconnect between organisational management boards and the veracity of the digital threat landscape. This disconnect extends to the actions, or lack thereof, that can be taken to safeguard business continuity and growth via fortified security infrastructure and frameworks.

Fallout from a cyber-breach can be catastrophic, as these threats are relentless; the impetus needs to shift towards addressing cybersecurity measures from the top-down. Companies cannot overlook the benefits of digital and technological proficiency at board level.

As MIT’s latest research reveals, digitally in-tune boards drive improved business outcomes, including 38 per cent higher revenue growth and a 17 per cent increase in profit margins. The same line of thinking should apply to cyber issues.

Cybercriminals will continue to hit where it hurts the most: through attacks on critical infrastructure that will inflict devastating economic and reputational damage. A hit on any of these could also severely affect the economic and social progress of our nation.

This is why we must remain vigilant, and companies and C-level executives in every sector must think of cybersecurity as not just a priority, but also an obligation.

Rabih Dabboussi is Senior Vice-President for Sales, Business Development and Marketing at DarkMatter Group.