Since the pandemic, the number of cyber-attacks in the UAE and the region has seen a substantial increase, as the organisations have been forced to an immediate remote working scenario.
As part of the efforts targeting the cyber security of the financial sector specifically, the Central Bank of the UAE (CBUAE) conducted a real-time cyberattack simulation exercise designed to test the resilience of the UAE’s banking sector against any potential cyber threats.
In addition to this, the UAE Banks Federation recently organised RaCE, a two-day cybersecurity webinar, focusing on best practices in data privacy and protection as businesses shift to a hybrid working environment.
Speaking at the event, Bahi Hour, Director, System Engineering – META at Attivo Networks said, “The accelerated digitalisation efforts of the banking industry in the region has given a much larger attack surface area for cybercriminals to exploit. In addition to phishing and malware, the attackers have evolved and equipped themselves with advanced persistent threat (APT) tactics to navigate around defences and infiltrate networks without being detected. The CISOs need to adopt a multi-layered cybersecurity strategy to help ensure the safety of their prized digital assets.”
Remote working has increased the dependence on VPNs to connect employees with the corporate networks, which provides an additional potential path for criminals to attack. They can either exploit a vulnerability, or socially engineer an employee to reveal access credentials and gain entry to the network. Experts anticipate COVID-19 related phishing attacks to continue well through 2021, as employees continue to work from home. Prior to the pandemic, perimeter security was sufficient to block such activity, but since all employees are now logging in at all times, from different places, utilising multiple devices; detecting unauthorised access has proven difficult.
Infiltrators are now changing tactics to avoid detection and maximise the payout. They have adopted a new strategy that involves spending months hidden in the system, carefully navigating through the network, and patiently waiting to locate their victim’s most valuable assets. A 2020 report by the Ponemon Institute revealed that the average time for companies in KSA and UAE to detect data breach is 269 days.
The increased incidence of attacks on financial institutions in the region encouraged these institutions to invest in measures against cyber threats. A sentiment shared by the respondents of the UAE 2020 KPMG cybercrime survey, where nearly three-quarters of those surveyed expected businesses to invest significantly in cybersecurity.
According to Ray Kafity, Vice President META at Attivo Networks, “CISOs can proactively defend against APT threats by utilising a portfolio of solutions that can detect, isolate and remedy the attack. In addition to endpoint security, tools using deception and concealment techniques, provide early detection capabilities for discovery, credential theft, lateral movement, privilege escalation, and data gathering activities.”
There has been a shift inorganisations’ focus from prevention to early threat detection when it comes to cybersecurity. Utilising platforms like Attivo Networks’ ThreatDefend®, in addition to endpoint security products,gives organisations an average of 42 percent boost in detection, due to their advantage of reducing dwell times and providing evidence-based, actionable alerts.