The Cyber Pandemic In The Middle East


In the Middle East, while the increasing pace of technology adoption and rapid digitalisation has made enterprises operate more efficiently, the downside has been the rise of cyberattacks.

Last October, Iran’s national fuel distribution network was paralysed, when hackers disrupted the smart payment system that the government uses to distribute subsidised petrol, forcing almost all of Iran’s petrol stations to close, escalating further social and political unrest in the country.

This is just one of the many instances. Amid a rise in remote working and rapid digital transformation, the Middle East has become a prime target for cybercriminals.

According to Kaspersky, malware assaults in the Middle East increased by 17 per cent in the first half of 2021.

According to Sectrio, the healthcare industry had one of the highest rises in cyberattacks during the pandemic, with a nearly 97 per cent increase. Hackers exploited the large-scale digitisation of personal data and sensitive medical data during the pandemic.

Around October 2021, following a return of hostilities with Tehran, Israel reported a slew of attacks on its hospitals and medical facilities. Even the International Committee of the Red Cross and Red Crescent was targeted. A major global attack compromised personal data and confidential information on over 515,000 highly vulnerable people, including those separated from their families due to conflict, migration, disasters, and those in detention.

Beyond the health sector, other key infrastructure, including energy plants, oil and gas, transportation networks, ports, and huge industrial plants, has also been targeted. Last year, hackers launched a ransomware assault against Saudi Aramco, resulting in a data breach and a $50 million extortion effort.

Here’s an overview of the region’s major data breaches and cyberattacks in the last few years:

Israeli Government Sites Crash In Cyberattack (March 2022)

A defence establishment source claimed that this was the largest-ever cyberattack carried out against Israel. The Israeli Government sites were reportedly taken down by a distributed denial-of-service (DDoS) attack, which bombards websites with junk traffic to render them unreachable, although this remained unconfirmed. The websites of the interior, health, justice and welfare ministries were taken offline, as was that of the Prime Minister’s Office.

Dubai-based Gems Education Hit By Cyber Attack (February 2022)

Gems Education in the UAE faced a cyber attack that minimally impacted the group’s operations, after which it immediately enacted its cyber security response plan. The group confirmed that it had not stored bank account details or credit card information for families or guardians of pupils, but stated that other types of personal information might have been affected. This includes identification documentation, financial information such as payment history, information related to creditworthiness and any debts, health or medical information of children, and log-in information to Gems systems.

Iran-linked Hacker Group Targets Turkey’s Cyber Network (February 2022)

Iran has escalated its longstanding cyber campaign against Turkey through state-sponsored hackers, who have targeted high-profile governmental and private websites in the country since November 2021. These cyber assaults are purportedly being carried out by MuddyWater, a hacker organisation affiliated with Iran’s Ministry of Intelligence and Security. Infection vectors include malicious PDF files and Microsoft Office documents in phishing emails. These malicious documents were named in Turkish so that they seemed to be genuine materials from the Turkish health and interior ministries. Cisco Talos Intelligence Group was the first to notice the malware intrusion. The emails sent to the target’s company included a link to a hacked website, with the target institution’s name included as a parameter in the URL.

The IT Sector Targeted By Iranian State Cybercriminals (November 2021)

According to Microsoft, during the pandemic, Iran-backed hacking organisations have increased their attempts to target IT services firms to collect credentials that they may use to access the systems of downstream clients. According to security researchers at Microsoft Threat Intelligence Centre (MSTIC) and Digital Security Unit (DSU), this operation is part of a larger espionage goal to hack companies relevant to the Iranian regime.

Fraudsters Cloned Company Director’s Voice In $35 Million Bank Heist (October 2021)

Showing how devastating high-tech swindles can be, cybercriminals in the UAE used deepfake technology to clone the voice of a company director and steal $35 million. The UAE is investigating the heist as involving at least 17 individuals, who sent the pilfered money to bank accounts across the globe.

Bahrain Activists’ iPhones Hacked With NSO Group Spyware (August 2021)

Advanced malware developed by the Israeli business NSO Group penetrated the iPhones of Bahraini activists. According to Citizen Lab at the University of Toronto, NSO Group’s Pegasus spyware infiltrated the phones of members of the Bahrain Centre for Human Rights and two political dissidents in exile.

Major Hacking Of The Bank Of Bahrain (August 2021)

A Nigerian cyber fraud gang attacked the Bank of Bahrain and Kuwait’s system, robbing them of $739,000 in their accounts.

Moorfields Eye Hospital Was A Victim Of Ransomware (August 2021)

Moorfields Eye Hospital in the UAE was the subject of an IT security incident on one of its servers. Ransomware group AvosLocker claimed responsibility for the attack on Moorfields on its leak site. AvosLocker is known for infecting Windows machines to encrypt files and add a “.avos” extension to them. Typically, the ransomware group uses spam emails or misleading advertisements as the primary delivery mechanisms for the malware. To encrypt data, AvosLocker employs a customised version of the Advanced Encryption Standard (AES) algorithm with a block size of 256.

Facebook Data Leak Affects Over 1.4 Million Users In Bahrain (April 2021)

Social media platforms have also evolved into valuable data sources for cybercriminals to exploit for personal gain. In April 2021, the most infamous user data leak happened, affecting over half a billion Facebook users, including 1.4 million in Bahrain. Phone numbers, email credentials, locations, and birthdates were among the personal information uploaded.
