Muscat: Oman has emerged first in the Arab world, and fourth in the world, for cyber security, according to the latest Global Cyber Security Index (GCI) published by the International Telecommunications Union (ITU), the United Nations’ specialised agency for information and communication technologies.
The Sultanate secured its high rank in the index, which measure each nation’s level of cyber security preparedness, through its focus on the five main pillars of cyber security — legal, technical, organisational, capacity building and cooperation — according to Engineer Badar Ali Al Salehi, Director General of Oman National CERT (Computer Emergency Readiness Team).
In an exclusive interview with Gulf News on the sidelines of the two-day, sixth annual regional cyber security summit that concluded on Tuesday, Al Salehi said: “From the legal perspective, Oman has issued laws such as the Combating Cybercrime and Electronic Transaction (ETL) laws, which make the virtual world and online transactions more secure in the country.”
Hosted by the Oman National CERT, the summit also reflected on the need for further collaboration among countries to address burgeoning cyber threats and their consequences on a country’s security and economy. Several delegates and speakers from the America’s Federal Bureau of Investigation (FBI) and Interpol attended the summit, titled “Towards Cyber Resilience”. Around 350 Arab delegates from regional cyber security centres, as well as officials and specialists from other private and government organisations also attended.
The law to combat cyber crime, instituted by a Sultani decree in 2011, addresses a wide spectrum of illegal activities involving a computer device, computer system or network. The ETL, promulgated by another royal decree and passed by Oman’s legislature in 2008, applies to parties that agree to conduct their transactions electronically and is the first law for legalising electronic transactions in the country.
The ETL and the cyber crimes law together strengthen the country’s legal requirements against IT crimes, said Al Salehi, and further validate Oman’s credibility with best legal practices in thwarting cyber security threats.
Oman was also ranked the 81st most cyber-attacked nation in the world this year, making it a relatively secure nation, according to Al Salehi. The country secured the top spot for best practices among Arab states for its stringent high-level cyber security strategy and a unified Oman National CERT and government information security campaign, called “Waay”.
Encompassing government ministries and authorities, Waay is part of the national information security initiative launched by Oman National CERT in 2009. It promotes cyber and information security awareness, sharing best practices to mitigate security risks. This further ensures business continuity and minimises the impacts of security risks on the government.
Oman National CERT has also been chosen as the regional centre for cyber security for 21 countries across the Arab region, in a move that will boost Oman’s position in the e-security sector.
Speaking about the regional centre, Al Salehi said: “Oman National CERT has been designated to serve as the regional centre for cyber security for the Arab region. A Memorandum of Understanding was signed in 2012 between the body, in cooperation with the ITU, and IMPACT (International Multilateral Partnership Against Cyber Threat), which is the cyber security-executing arm of the ITU. Positioning the Sultanate as the key cyber security hub within the Arab region, the MOU recognises the leading role that Oman National CERT has played in the region.”
Oman has also played a crucial role in the fight against cyber crimes. A data protection law has been drafted and work is on for regulations pertaining to the IoT (internet of Things), smart cities and other developing technologies, according to experts from Oman National CERT.
On thwarting cyber attacks, Al Salehi said: “We’ve dealt with more than six million cyber attacks on government websites with an increase of 300 per cent. Oman’s IT security specialists thwarted more than 70 million attacks that targeted government networks last year. More than 1,800 cyber security incidents targeting organisations and individuals have also been dealt with.”
The cost of cyberattacks is nearing half a trillion dollars worldwide this year, and the security threat to every sector is real, reiterated the head of Oman National CERT.
On cyber infections, Aziza Sultan Al Rashidi, Director, Cyber Security Professional Services at Oman National CERT said: “Ransomware attacks, which interrupt data on files and systems, have been detected in the country. Following the ransomware attacks and ‘WannaCry’ virus, which is spreading around the world, fewer infections are reported in Oman.”
Al Salehi also cited cases of cyber blackmailing with 1,000 calls received a day. Omani law defines blackmailing as threatening to compel a person to do any act or wrongdoing against his/her will with some form of punishment if he/she doesn’t fulfil the request. This year, 549 malwares and 129 cases of cyber crime have been detected so far in Oman. The figures suggest that though there is a resilient security system, threats are evolving and are inevitable, according to the experts.