Dubai: Most companies in the UAE are not very serious about the cyber security threats despite hackers becoming more sophisticated year after year.
Experts have identified sophisticated malwares as the most effective weapons used by cybercriminals to spy, steal critical information or even remotely manage infected computers of an individual or company.
According to a research by Ponemon Institute, insecure browsers allow web-borne malware to infiltrate more than 75 per cent of enterprises worldwide. The institute also estimated that organisations have spent $3.2 million (Dh11.7 million) on average to remediate breaches caused by the malware.
Dubai-based BetterWeb Solutions, a company providing services in Web development, SEO, SMM, etc, has found vulnerabilities in many of the websites used by leading companies in Dubai.
“We’ve started a campaign by analysing websites of 50 large companies in terms of security. We find vulnerabilities every day. The worst thing is that most of these companies don’t care that their sensitive data is accessible for professional web users like us,” Dovlet Hojayev, General Manager of BetterWeb Solutions, told Gulf News.
He said that his company has continuously contacted and reminded those companies with the advice to fix their security issues. Unfortunately there is no response from the other end. However, some companies are very serious about their users’ information.
In light of previous attacks such as those on Saudi Aramco and Qatar’s RasGas, in which viruses spread via office computers, the industry needs to take these threats very seriously. Past attacks have shown that hackers are capable of infiltrating company networks.
Hojayev even showed the future appointments made by patients of a leading hospital in Dubai to me.
“Hackers can exploit the situation and deface their websites or hack their websites or spoil the reputation of the company,” he said.
Most of the companies don’t have a “dedicated IT team” to handle these kinds of issues and are mostly handled by third parties.
“Recently, we have found vulnerability on the back end of one of the biggest free-zones in the UAE. We could gain an access to all clients’ information. Just imagine that … All license information of more than 15,000 companies,” he said.
According to a new survey commissioned by global Application Delivery Networking leader F5 Networks, Common cybersecurity threats include distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, data theft, “zero-day” software assaults, web application exploits, and website defacement.
MarketsandMarkets suggests that the Middle East cybersecurity market is on course to grow from $5.17 billion in 2014 to $9.56 billion in 2019 at a CAGR of 13.07 per cent.
In its 2014 Global Economic Crime Survey, PrincewaterhouseCooper identified cybercrime as the second most common form of economic crime reported in the Middle East.
“We are going to meet with the Director General of the free zone to discuss this problem. We want to warn owners of those companies that we will make reports on their website if they won’t take action,” Hojayev said.
Patrick Sweeney, executive director, Dell Security, said that everyone knows the threats are real and the consequences are dire, so we can no longer blame “lack of awareness” for the attacks that succeed,
“Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones,” he said.