- RanRan and other attacks are signs that sophisticated e-criminals are targeting the region
- Region-wide collaboration and talent required to tackle the problem
- It is also essential for governments to share information with private sector
With cybercrime statistics showing a severe increase in data breaches, private data exposure and more targeted, politically motivated attacks, the Middle East region remains in dire need of a coordinated strategy aimed at addressing and dealing with such threats.
Statistics released by Dubai Police last year demonstrated that cybercrime in the Emirate saw a 136 percent rise between 2013 and 2015, amounting to a total of $22.33 million in damages and lost revenue. While in the wider Middle East region, the number of compromised records due to data breaches rose by 50 percent in the first half of 2016 to more than 10m records.
Global figures from 2016 show some 4.2 billion records were breached shattering the all-time high of 1bn records exposed earlier. The report revealed that the severity of the attacks climbed sharply while the number of attacks remained consistent.
Speaking on the sidelines of the e-Crime and Cybersecurity 2017 conference in Dubai, Mazen Dohaji, Regional Director Middle East, Turkey & Africa of security intelligence and analytics firm LogRhythm, said that cyber criminals and hackers targeted governments the most on a global level. “This trend is showing up in the Middle East, especially with more sophisticated targeted attacks such as the RanRan ransomware incident late last year.”
Named RanRan due to the debug path within the binary: C:\Users\pc\Desktop\Ran\Ran\Release\Services.pdb, the code was developed specifically to attack the government of Saudi Arabia for political reasons.
“RanRan shows us how sophisticated these criminals are becoming. We do not yet know how the malware was deployed, how it’s being spread, nor the full extent of its payload,” continued Dohaji. “However, we do know that the more digitized our governments and citizens get, the more vulnerabilities will appear and be exploited by hackers.”
Need for collective efforts
For many years, the natural response of governments in the region to such evolving threats was to individually invest heavily in preventative technologies and measures. “Today governments in the region must find capacity, technical and financial, to respond collectively to cybercrime,” he said. “Such responses should aim, not only to prevent, but to deter cyber criminals from operating in their jurisdictions.”
It is also essential for governments to share information together, and with the private sector, to make sure that a web of protection and deterrence covers as much vulnerability as possible.
“The good news is that as organizations improve their ability to quickly detect and respond to threats, the risk of experiencing a damaging breach is greatly reduced. At LogRhythm, our Threat Lifecycle Management platform clearly defines workflows aimed at achieving early detection of an incident early in the Cyber Attack Lifecycle to stop the treat in its tracks and avoid downstream consequences and costs,” concluded Dohaji.