Cyber Security for Energy & Utilities Special Editorial Edition
Middle East Cyber Security Threat Report published in Cyber Security for Energy and Utilities Conference. 23 - 26 March 2014 - The Westin Abu Dhabi Golf Resort & Spa, Abu Dhabi, United Arab Emirates

Transcript

  • 1. Middle East Cyber Security Threat Report 2014. Special Editorial Edition. Special insights from: Mohamed N. El-Guindy, Information Systems Security Association, Egypt Chapter, Founder and President
  • 2. Middle East Cyber Security Threat Report 2014

    Since my last cybercrime research in 2008 [1], cyber security threats have grown and matured. Cybercriminals and even terrorists have become capable of carrying out sophisticated cyberattacks. In this context, cybercrime continues to grow rapidly in the Middle East and takes new paths every day. Meanwhile, governments in the region are losing millions of dollars annually [2]. As long as governments depend on new technologies and treat security as a “nice to have”, their ICT infrastructure will be vulnerable to more sophisticated cyber-attacks. Beyond ICT, the region is witnessing a new era of terrorism in which terrorists exploit 21st century technologies to carry out terrorist attacks; therefore, I suggest that the situation will continue to worsen in 2014.

    Politically and religiously motivated attacks

    Our region is volatile and unstable due to political, economic and social problems. These issues will increase motivated attacks carried out by groups of “Hacktivists” that penetrate or target systems or users for a political or religious cause. The majority of cyber-attacks in the region are the work of Hacktivists with a message they want to spread. The so-called “Arab Spring” increased these types of attacks, and the current chaos in the region will escalate conflicts and increase politically and religiously motivated attacks. Obvious examples are the bloody conflicts in Syria, the looming tension between Saudi Arabia and Iran, and the Arab-Israeli conflict.

    A study revealed [3] that the Syrian Electronic Army, the pro-regime group, used social engineering techniques and malware attacks to target users and NGOs in Syria and other countries. What the study didn’t mention is that other anti-Assad groups [4] are also hacking websites and targeting users on the internet. A group called “Lewa’ Al-Sham” or “Levant Brigade” announced that it hacked the websites of TV channels [5] that support Assad’s regime. Religion is a big player in emerging cyber-attacks, especially website defacement.

    Due to the change in US policy towards Iran and Saudi Arabia, the Saudi-Iranian tension [6] will increase and will affect Middle East geo-politics; therefore related politically and religiously motivated attacks will grow and will become destructive, especially when carried out by professional hackers. Most cyber-attacks that originate from within the Middle East and target Middle East ICT infrastructure are DDoS attacks [7] and website defacement [8]. But other sophisticated cyber-
  • 3. Evolve and adapt in SCADA, DCS and ICS security
    23 - 26 March 2014, The Westin Abu Dhabi Golf Resort & Spa, Abu Dhabi, UAE

    Book and pay before 9 February 2014 to save up to US$650

    “Free golf training session for the first 30 registered attendees!”

    Celebrity and VIP keynote speakers:
    • Don Codling, Former Cyber Security Unit Chief, FBI, United States
    • Bill Cheswick, Creator of the world’s first network firewall & Author of “Firewalls and Internet Security: Repelling the Wily Hacker”
    • Dr. Jamal Mohamed Al Hosani, Official Spokesman & Director ICT, National Emergency Crisis & Disaster Management Authority, UAE
    • Lt. Col. Faisal Mohamed Al Shamari, Chief Information Security Officer, Abu Dhabi Police GHQ, UAE

    Exclusive presentations from:
    • Mohamed Al Sawafi, Head of IT Services, GASCO, UAE
    • Reimer Brouwer, Head of IT Security, ADCO, UAE
    • Mohammed Ikrami, IT Security Officer, Fertil, UAE
    • Andrey Zolotavin, Senior Real Time Systems Engineer, KOC, Kuwait
    • Habeebu Rehman, Sr. Supervisor IT Security, Petrorabigh, Saudi Arabia
    • Abdullah Al-Akhawand, Sr. IT Engineer, KGOC, Kuwait
    • Moazzem Hossain, Operations Planning and Studies Department Manager, ADDC, UAE
    • Mahmoud Yassin, Lead Systems and Security Data Center Group, NBAD, UAE
    • Ali Rebaei, World’s Top 51 Big Data Influencer, Expert and Consultant, UAE
    • Gilles Loridon, CEO, Global Security Networks, UAE
    And many more…

    Benefits of attending:
    • Identify emerging cyber threats and evolving landscape in the energy and utilities industries
    • Understand the need to protect critical infrastructure and its impact on energy economics
    • Determine best security practices for ICS/SCADA systems
    • Learn to protect real time systems from cyber attacks
    • Know how to protect cloud computing networks
    • Tackle backdoor interface vulnerabilities in SCADA systems
    • Understand cyber defence strategies and their subsequent implementation
    • Interact and network with industry experts from leading national and international oil companies, IT security solution providers, as well as banks, power and telecom companies

    For more information or to register: Tel: +971 4 364 2975, Fax: +971 4 363 1938, Email: enquiry@iqpc.ae, www.cybersecurityme.com
  • 4. attacks started to appear in 2012, such as the Saudi Aramco [9] and RasGas [10] attacks.

    What will make things worse is the Iranian nuclear project, which is still at an early stage of developing a real nuclear threat. But other players in the Middle East, especially Saudi Arabia, see this as a real threat and will outsource real warheads and “ready-made” nuclear technology from Pakistan [11]. This arms race is dangerous in this unstable region, and the fear grows when one thinks of Stuxnet-like [12] attacks that may target these off-the-shelf nuclear technologies, which might result in a Middle East Fukushima [13].

    The Arab-Israeli conflict is another motive for cyber-attacks in the region. Many online groups are organizing cyber campaigns to attack Israeli [14] websites and reveal financial information. On the other side, Israeli groups are also conducting cyberattacks against Arabic websites [15]. Although most of the Arab attacks are not state-sponsored and can be categorized as propaganda, Israeli policymakers see this as a real threat and consider it “Cyber terrorism” [16], which requires offensive reactions and even military attacks. They also established state-sponsored units [17] to wage Cyberwar with sophisticated capabilities [18].

    The chaos in the Middle East will also escalate the growing conflicts of Jihad for the Caliphate. Al-Qaeda and its inspired groups will continue to conduct bombing and killing across the region, and another form of Jihad is exploiting new technologies to cause harm. I will publish dedicated research soon to investigate this phenomenon in the Middle East.

    Another dangerous trend we may witness soon in our region is the “Hacker for Hire”. Professional hackers and cyber mercenaries [19] can be hired by governments [20] or private sectors from outside the region to conduct sophisticated cyber-attacks, no matter what the motive is: political [21], religious or financial.

    Financial Attacks

    When it comes to cyber-attacks for financial gain, the Middle East is a fruitful target for cybercriminals because of the low level of user awareness, the lack of technical and legislative capabilities and the availability of liquid money. Banks in the region are the biggest losers when it comes to financial cyber-attacks, as criminals go where the money is. In 2013, a group of cybercriminals stole over $45 million [22] from two banks in the Middle East, Bank of Muscat in Oman and National Bank of Ras Al Khaimah “RAK Bank” in the UAE. The cyber gang hacked into a database of prepaid credit cards belonging to the banks, and then used fake cards to withdraw money from ATMs in 27 countries. The cards database was held by Indian payment processors that got hacked by the cyber gang. The banks and payment processors admitted the attack, but that is only what was revealed. Other attacks occur around the clock in the region without being disclosed. Some financial institutions may fear losing customers if they reveal that they got hacked.

    Lack of transparency makes the situation worse, as users must know that their accounts are affected and should know how banks will recover and how they will deal with future attacks. It’s important for customers to understand that banks have the responsibility of protecting both their own data and customers’ data. If banks
  • 5. are not responsible, what will be the point of having security policies at enterprise level? Having a security policy is one thing; however, enforcing these policies is another. Enforcing and building out policies is a whole educational awareness process that needs to be addressed effectively. This may be the reason most banks and financial institutions in the Middle East do not have strict policies when dealing with electronic payments. The following issues can easily be spotted in many banks in the region:

    • Payment card statements with full details sent via postal mail
    • Customers allowed to put large sums on cards that are not carefully monitored
    • Bank websites have web application vulnerabilities such as non-secured login boxes
    • Emailing security-sensitive information insecurely to customers
    • Absent or poor security awareness training and education for employees
    • Poor security policies and absence of training for merchants
    • Loopholes for compliance are available due to corruption (financial institutions and/or merchants can get PCI-DSS, ISO27002 etc. without applying the required guidelines)
    • ATMs are not carefully protected and might be placed in unsafe environments
    • Outsourcing services that are related to sensitive or critical information without paying much attention to the security policies and reputation of the outsourcing partner
    • Mobile payments are being implemented with the same weaknesses related to payment cards

    Attackers will not only target large banks and financial institutions; they will also target small entities that deal with money, such as merchants and POS operators, due to their lack of security. The increase in Middle East online consumer habits, together with the growth of mobile payment platforms, will increase risks for payment processors, banks and merchants. Due to the increase of mobile internet in the Middle East [23] and the growth of e-commerce sales that reached $27 billion in 2013 [24], the region will be a big target for cybercriminals. Cyber gangs are not the only ones interested in Middle East financial data; foreign intelligence agencies are also big players with their state-sponsored attacks [25].

    One of the most important reasons that will make the region vulnerable to more sophisticated financial cyber-attacks is the regulatory framework, as hackers and cyber gangs look for places with poor or absent regulation to commit their crimes. Cyber regulations are poor in the Middle East [26] and even lack a correct definition of cybercrime. Indeed, there are laws dedicated to cybercrime in the region, and also cyber-related laws, but governments need to update them often to reflect the rapid change of such hi-tech crimes, and the laws should be harmonized with the path of the rest of the world. But due to political issues, most cyber laws are drafted to suppress freedom of speech and do not address the real threat of cybercrime. In addition, policymakers are dealing with cyber regulation from an old perspective in which crimes are committed within a specific location. This is completely wrong when dealing with cyberspace, as it is not location dependent. So when they deal with cybercrime law, they have to go beyond their own countries, as the crime itself is transnational.
  • 6. As long as governments in the region do not address these issues, financial cyber-attacks will increase in 2014, and I expect that we will see more sophisticated attacks that will target financial institutions in the region.

    Future Threats: Everything will be hackable

    I published a research paper in 2011 investigating 21st century threats and the Middle East dilemma [27]. I expected that the situation would be worse in future because both governments and users lack future strategies and always look to access advanced technologies with a consumer mindset. Since this is the norm in our region, there will be no progress when it comes to future technologies. Everything will be connected to the Internet to form the new era of the “Internet of Things” [28], and we will strive to protect devices that are embedded in our homes, offices, cities and even our bodies. This situation might not appear in 2014, but things are moving faster in the 21st century and we might see sophisticated attacks target connected devices that will cause panic [29]. This complex and connected world created Big Data, which will result in big benefits and big threats as well [30].

    An additional cyber threat that will affect the Middle East is cyber-espionage or spying, which sparked debate in 2013 with the revelations of NSA surveillance. I expect that cyber-spying activities by western intelligence agencies will continue to grow in 2014 due to political situations, instability, chaos and terrorism. I argue that other players will enter the espionage game in the region. China, with its large numbers of connected electronic devices being used in the Middle East, will be one of the biggest players when it comes to cyber espionage. As the Middle East center of gravity is shifting from Saudi Arabia to the Persian Gulf [31], Iran, as a regional superpower and second to Israel, will enter the cyber-espionage game. Consequently, we will witness more dangerous cyber-attacks and cyber threats originating from Iran, carried out by its state-sponsored cyber army [32]. Although Iran’s cyber capabilities cannot be compared to those of the US and Israel, and are not even destructive against them, they might be destructive if used against “vulnerable” [33] Middle East countries. In addition to cyberattacks, Iran also has access to advanced warfare technologies such as drones that will be used in future attacks as ultimate asymmetric weapons.

    Middle East states need to understand that off-the-shelf technologies will not solve any security issue and might make things worse. They need to address their internal issues and invest in their human capital to adapt to the 21st century, or the consequences will be more dangerous in the years ahead.

    Source: Mohamed N. El-Guindy, Information Systems Security Association, Egypt Chapter, Founder and President, http://netsafe.me/, December 25, 2013