Data is the lifeblood of governments and economies in today’s digitalized world. The United Arab Emirates (UAE) reliance on data-driven systems has never been greater – with its Smart City Initiatives and rapid digital transformation. However, the technological advancement surge comes with an amplified risk of cyber threats. According to Dr. Mohammed Al Kuwaiti, Head of Cyber Security, UAE Government, the country is forced to block over 50,000 cyber-attacks and insists that the number is still growing. As a result, the UAE launched the Cyber Pulse Initiative, which seeks to encourage and enhance public awareness of malicious online activities. Recognizing that collaboration is key, Naim Yazbek, General Manager, Microsoft UAE, insists that security is a team sport, encouraging everyone to work together. Microsoft recently signed a Memorandum of Understanding (MoU) with the UAE Cyber Security Council to curb and respond to cyber threats. In the terms stated in the MoU, the CSC UAE and Microsoft will assess information in cybersecurity-related fields, focusing more on national prevention, deterrence, cooperation, and cyber-attack responses. The UAE has adopted a “Zero Trust Cyber security” approach to counteract these risks and secure its digital landscape. The Evolution of Cyber Security Traditionally, cyber security strategies leaned heavily on perimeter-based defenses, assuming that anyone within the network, including devices and users, was trustworthy. Nonetheless, the shifting threat paradigm has exposed the inadequacies of this approach. As technology changes toward a hybrid environment, cloud-first, the network perimeter is a bit blurred. Conventional security methods, such as strict firewall rules and antivirus solutions solely focused on external threats. These methods and physical security measures used to repel popular threats are progressively losing effectiveness. In tandem, cyber-attacks have grown more relentless and intricate, prompting the need for a proactive security stance. Additionally, staff were trained in basic cyber security practices and concepts. However, the flaw in this approach lies in its susceptibility since legitimate entities with access can compromise the defense accidentally, in what is commonly known as insider threats. UAE Adoption of Zero Trust Acknowledging the limitations of conventional cyber security models, the UAE has embraced a paradigm shift – Zero Trust Cyber security. This approach stands on the principle “never trust, always verify.” It asserts that internal and external sources can harbor threats, necessitating careful verification for every entity seeking access to resources. Unlike traditional perimeter defense, no network, device, or user can be inherently trusted with the zero trust model. Within the overarching National Cyber Security Strategy, Zero Trust principles have been integrated strategically. This strategy fosters adaptive security measures, risk assessment, and continuous monitoring, ensuring each access request is evaluated, authenticated, and authorized before any granted access. The UAE government (Cyber Security Council) has partnered with leading cyber security companies like Microsoft and Deloitte and other security experts to tailor Zero Trust Solutions that align with their unique technological landscape. Furthermore, the United Arab Emirates has embarked on extensive cyber security awareness campaigns and initiatives like Cyber Pulse Initiative to educate businesses, government agencies, and citizens about the importance of Zero Trust Practices and other cyber security measures. Adopting and implementing strategies to strengthen the UAE’s digital defense can only be successful with a regulation and compliance clause. The UAE has been working to establish stringent cyber security compliance and regulation standards that mandate the adoption of Zero Trust principles across all boards. Failure to comply is subject to temporary detention, a minimum prison sentence of six months or one year, or a fine between AED 150,000 and AED 1M. The Benefits of Zero Trust Implementation in the UAE By adopting this paradigm shift, the UAE stands to garner a lot of benefits in its digital ecosystem. 1. Enhanced data protection One, when every access attempt is scrutinized, data protection is enhanced. Zero trust minimizes the chances and risk of unauthorized data breaches and exposure. The key aspect of Zero Trust Cyber Security gains added significance when considering the huge realities of cyber threats faced by UAE companies. A 2021 report by Cybereason, a cyber-security company, highlighted the disturbing trend of ransomware attacks in the UAE. According to the report, companies in the UAE must pay more than AED 5.1 Million in ransom to regain access to their systems within the past two years. Shockingly, 42% of companies closed down due to the attacks. Dr. Kuwaiti points out that these breaches have resulted in financial losses of up to AED 4-5 Million. The UAE’s Zero Trust cyber security will go beyond mere prevention of data breaches but the overall cyber threats spectrum. 2. Reduced attack surface Secondly, adopting zero trust offers a significant reduction in attack surface. This goal is achieved by using the strategy to emphasize micro-segmentation principles and least privilege, which limits attackers from maneuvering the network. In UAE, this strategy is a best practice and a top priority. A report by ‘Future of Cloud Security in the Middle East’ showed that’s the next big strategy for the years ahead. According to the report, 56% of the respondents in the Middle East were pushing for the implementation of zero-trust strategies. Zero Trust emphasizes the least privilege and ensures that devices and users are granted only the bare minimum level of access equal to their tasks. This approach, in return, significantly restricts pathways for attackers to exploit, reducing the potential attack surface. 3. Promotes innovation Additionally, the zero trust model provides enhanced security that encourages the unanimous adoption of a cloud-first strategy. It underlines the cloud’s foundational importance in driving advanced technologies, for example, the Internet of Things (IoT), blockchain, and artificial intelligence (AI). The flexibility and adaptability of the cloud pushes the amalgamation of hybrid and sovereign cloud, effectively diversifying the vast digital potential in the country. 43% of the respondents from the report affirmed that security is the most important thing they look for when settling on a provider. To provide a shield within the cloud environment, incorporating zero trust, encryption, staff training, and multi-factor authentication is a must! Resource access should
Protecting UAE Organizations from AI-Powered Cyberattacks
Certainly, the cyber threat landscape is deteriorating by the minute, and learning about new attacks and the best way to keep your company safe is vital. For instance, AI-powered attack methods, such as voice cloning and deepfakes, maximize hackers’ success rates in phishing and social engineering incidents. Worse still, the increased access to generative AI products like ChatGPT further democratizes cybercrime. Understanding AI-powered attacks will help you keep up with cybercriminals’ innovation pace and secure your systems and data. Hackers use AI to increase their winning rates. As AI innovation advances, threat actors have realized they can use the technology for different attacks to increase their success rates and maximize profits. Some of the ways hackers use AI-powered attacks include the following: 1. Voice cloning Hackers leverage AI in vishing (voice phishing) attacks to dupe unsuspecting users and employees into believing they are speaking with legitimate callers. Sometimes, threat actors use these AI-powered calls with other tactics, such as business email compromise attacks. For instance, they can call victims to give them a heads-up about an email (in this case, a phishing email) they are about to receive. This strategy increases the hacker’s success rate since gullible users will not identify the email as harmful. 2. Deepfake technologies Besides voice manipulation, hackers have weaponized AI by altering video material to conduct plausible social engineering attacks. Deepfakes misuse has eroded trust in body cameras, surveillance footage, and other video and audio evidence. Additionally, these AI-powered attacks have increased cases of cyberbullying, stock manipulation, and blackmailing and worsened political instability. 3. AI-powered phishing emails Hackers can use generative AI, such as the ChatGPT tool, to craft convincing phishing emails that bypass conventional spam filters. With publicly available and free generative AI solutions, cybercriminals and malicious insiders will generate convincing emails and code with little technical expertise. Zias Nasr from Acronis notes that AI and machine learning used by cybercriminals to create phishing emails and malware reduce barriers to entering the cybercrime space and increase attack frequency. Previously, attackers have been limited in their ability to send phishing emails to victims in the UAE since many of them don’t write in Arabic. “However, with generative AI models, attackers can generate well-written, seemingly trustworthy phishing emails and messages in various languages at the click of a button,” states cybersecurity expert Safwan Akram. Translating phishing text into different languages localizes the attacks and increases trust levels. ChatGPT’s classic large language model (LLM) is versatile enough to create realistic phishing emails. A recent cyber threats analyst report states that these AI tools can generate hundreds of slightly different messages, making traditional static detection difficult. 4. Scaling attacks with minimum efforts Apart from generating different phishing emails rapidly, AI can even respond to potential questions and email responses from unsuspecting victims, greatly reducing the attack time and effort. Generative AI tools can generate scripts for sending and responding to emails while recognizing the topics that work well and the ones to avoid. 5. AI-powered malware AI innovations make malware creation easier for cybercriminals. Threat actors can use AI to create sophisticated polymorphic malware that can metamorphosize (change the design and code; the malware rewrites itself after infection) to evade conventional security mechanisms. The process that initially took hours to complete now takes a few minutes with generative AI tools. 6. Discovering vulnerabilities Generative AI models can understand and identify flaws in program code. In this case, threat actors can paste software’s source code into AI-powered solutions to detect vulnerabilities such as SQL injection, buffer overflow, missing authentication, and unrestricted uploads. Next, the AI chatbot can create corresponding exploits and obfuscate the attack methods. Staying ahead of AI-Powered Attacks 1. AI-Powered cyber defense Just like with emerging cyber threats, security experts should adopt advanced technical and administrative solutions to keep up with criminals’ innovations. For instance, security teams can use AI-powered tools for threat intelligence and cyber risk assessments. 2. Defense-in-Depth model Organizations using cloud environments should invest in multiple security layers and a zero-trust model based on enhancing access controls. 3. Patch management and WAF You should use updated tools to assess and detect vulnerabilities in software and other solutions in your IT environment. Common security measures such as patch management and web application firewall filtering can detect and protect your assets from emerging vulnerabilities. 4. Cybersecurity awareness training Additionally, organizations should continuously create awareness about new AI-powered attacks. Users need to know how to detect red flags in emails, such as typos and malicious links. Businesses in the UAE should also equip employees with smart support solutions to detect and respond to attacks. Technology is advancing at breakneck speed in the UAE, with many industries and processes going online, from retail to banking to oil and energy production. Also, AI adoption is on the rise. As AI gradually permeates our everyday lives, cybercriminals are not hesitant to take advantage of this technological innovation. While security teams use AI for defensive purposes and threat intelligence, it is undisputable the technology has complicated the cybersecurity landscape. Therefore, security teams should consider deploying AI-powered defense mechanisms in addition to standard defense-in-depth controls and awareness training.
Cybersecurity Regulation Landscape in the UAE
The United Arab Emirates (UAE) has recognized the critical importance of cyber security in an interconnected era in safeguarding its national security, economic growth, and infrastructure. With a huge reliance on digital innovation and technology as driving forces, the UAE has shown what it looks like and what is possible when technology is embraced in the public and private sectors. UAE’s official government portal indicates that the region is considered one of the most advanced in technology and the adoption of modern technologies, with one of the highest smartphone penetration rates. A 2022 post on Dubai Media Office’s official Twitter handle reads, “UAE Digital Economy aims to double the contribution of the digital economy to the GDP from 9.7 percent to 19.4 percent within the next ten years.” UAE’s position as a digital economy hub means more cyber threats Unfortunately, the rapid technological advancement comes with intensified concerns regarding cyber security and the potential effect of cyber-attacks on critical systems and government facilities. It is no longer enough for companies and individuals to assume they are safe by simply assessing and monitoring security controls. As a result of its forward-thinking approach to technological development, the UAE is in a tough position where the technological and digitization adoption pace far outweighs the level of knowledge and awareness about how to defend against emerging cyber threats effectively. The current average global cost of a data breach rose about 10 percent yearly to $4.2 million over the past year. Saudi Arabia and the UAE are among the top on the list, with average costs of $6.9 million. To respond to these challenges, the UAE has actively been shaping a comprehensive cyber-security framework to address the evolving landscape of the nation’s cyber risks. UAE Cyber Security Strategy Launch The Dubai Cyber Security Strategy of 2023 has been revamped. They have taken the accomplishments from their earlier efforts in 2017, even aimed higher. The big objective still stands: Securing the digital landscape in UAE and beefing up fast-tracking smart city transformation and tech infrastructure. This time around, the National Cyber security strategy has developed four main pillars to guide the game plan. A cyber-secure society is the first pillar that ensures everyone has the know-how to access easy-to-follow cybersecurity practices and handle cyber challenges. They aim for a culture where everyone understands cyber security is important. An incubator city for innovation is the second pillar where they are dialing up the research game – creating an environment perfect for cultivating an ecosystem conducive to innovation. These efforts ensure a secure and safe integration of new technologies and foster an overall assurance framework. A resilient cyber city is the third pillar of managing the digital space wisely. It emphasizes establishing supple cyber crisis response mechanisms, amplifying robust cyber resilience capabilities, fortifying the cyber infrastructure, and prudent cyberspace governance. Lastly, an active cyber collaboration echoes the value of forging international and local alliances to collectively handle and curb the transnational cyber threat. The Cyber Security Regulations in UAE The UAE’s cyber security regulatory structure is overseen by crucial authorities such as the UAE Computer Emergency Response Team (aeCERT) and the Telecommunications and Digital Government Regulatory Authority (TDRA), initially the UAE Telecommunications Regulatory Authority (TRA). The regulatory aeCERT deals with swift incident coordination and response in case of cyber security threats, while the TDRA is responsible for enforcing and shaping cyber security regulations. Currently, the UAE has enacted cyber security regulations to protect its digital landscape. The UAE Federal Law No. 2 of 2019 malicious cyber activities, including criminalizing cyberbullying, hacking, phishing, and unauthorized access. These cybercrimes are subject to penalties depending on the severity, ranging from imprisonment to fines. The National Electronic Security Authority (NESA) regulations impose standards for information security in the UAE, mainly for infrastructure sectors and government bodies. The regulations guide organizations in safeguarding their data, systems, and networks. Besides, the UAE introduced the Dubai International Financial Centre (DIFC) Data Protection Law and the Abu Dhabi Global Market (ADGM) Data Protection Regulations to secure personal data processing. The regulations align with international data protection standards, which foster the importance of responsible data handling. With the 5G emergence, the UAE has addressed the technology by issuing comprehensive guidelines that ensure the resilience and security of 5G networks. The guidelines range from supply chain to risk management and secure 5G infrastructure deployment. With initiatives like FedNet – which provides the federal government with secure architecture with reliable, on-demand access to computing resources, the UAE has shown its commitment to cyber security. The secure network and Multiprotocol Label Switching (MPLS) cloud provided by FedNet enhances UAE’s cyber security posture. The team continually monitors the operations, incorporating a 24-7-365 security operations center (SOC). Additionally, it has a Security Information and Event Management (SIEM) system to manage security events effectively. Moreover, establishing aeCERT shows the UAE’s proactive effort to bolster information security by elevating the standards and safeguarding IT infrastructure from potential breaches and risks. The mission is to disseminate information about cyber security incidents, vulnerabilities, and threats while enabling the public to report any incidents for fast response. Regulation Implications on Businesses and Individuals The laws have profound implications for businesses and individuals operating within the Emirate. For businesses, the implications are all-round. Compliance with cyber security laws is a necessity, not merely a choice. Therefore, organizations should establish robust measures to prevent cybercrimes, report incidents promptly, and collaborate with authorities in the investigations. Additionally, data protection regulations call for a heightened focus on securing and protecting sensitive information. This is achieved by obtaining proper consent for data processing, ensuring prompt notification of authorities and the affected individuals in case of any data breaches, and implementing effective data security measures. Failure to comply can lead to severe penalties for involved individuals. However, adherence to the laws gives more than just legal protection; it helps organizations cultivate trust among partners and customers, building a reputation in the ever-changing digital landscape. Even as organizations in the UAE continuously integrate
The Importance of Incident Response, Business Continuity, and Disaster Recovery for Businesses in the UAE
With technological globalization and advancements being the norm in the modern business landscape, organizations face several risks that can threaten their existence and disrupt operations. The United Arab Emirates (UAE) is known for its thriving business sector and vibrant economy, so you can imagine the ensuing challenges. To ensure the success and sustainability of businesses in the UAE, it is imperative to use a robust approach to incident response, business continuity, and disaster recovery. We will look at the three plans businesses in the UAE can use to manage incidents that could otherwise lead to huge revenue and customer trust loss. Mitigating the Immediate Effect with Incident Response Incidents, varying from natural disasters to cyber security breaches, can strike at any time with no warning, thus causing immediate disruptions to business operations. With cyber-attacks and data breaches, organizations must adopt robust incident responses for security. Incident response is a structured way of managing and tackling the aftermath of a cyber-attack or security breach. It is also known as a security, computer, or IT incident. The effort minimizes damage and facilitates a rapid return to normalcy. The main goals are to minimize harm, shorten recovery duration, and mitigate related expenses. In the UAE, where industries like technology, tourism, and finance thrive, the possibility of a major incident can reverberate nationally and globally. An organized incident response strategy safeguards a company’s reputation and data and preserves regulatory compliance and customer trust. To prepare for any breach, collaboration with communication specialists, legal advisors, security personnel, and IT experts will ensure no incident is missed. Technical support brings a technical view; the legal advisors give guidelines on compliance, while the communication specialists deal with public relations, ensuring the response is well-grounded and comprehensive. Additionally, taking swift action prevents the threat from causing further damage and spread once a breach occurs. In cyber security, containment and recovery are the main basics. Action includes promptly changing compromised information, diving compromised networks, and isolating the affected systems. Something else that helps block any suspicious domains and cut off communication that the threat might use. After mitigation, organizations should learn from the incident and work towards creating a data-driven analysis for improvement. According to an IBM security study from 17 regions, breaches in the UAE and the Kingdom of Saudi Arabia cost companies up to $6.53 Million per breach on average, which is higher than the $3.86 Million global average per breach. That’s expensive! Operations Sustenance with Business Continuity Business continuity is a method that allows organizations to continue operating during and after a disruption, making sure that essential services are provided to stakeholders and clients. Business continuity plans are crucial in a country with diverse economic sectors like the UAE. Organizations and companies must factor in health crises, geopolitical uncertainties, and power outages. Proper continuity measures allow companies to maintain their competitive edge by showing reliability to customers and partners and minimizing downtime. With tough competition in the market, especially in the UAE, every organization needs to adopt this management. Adopting business continuity management by UAE governments and organizations in private and public sectors helps maintain main services. It creates solid business continuity models for supplying critical services in an emergency in a controlled and planned way, and services are still available. Additionally, developing a proactive risk management plan for federal and local entities in everyday activities in the Emirates ensures everything is under control. However, an organization’s sustainability largely depends on quickly resolving or avoiding issues in an emergency. Quick solutions include duplicating job keys for employees, having crisis management teams, and creating action plans for continuity that are regularly updated, tested, and improved. According to the Abu Dhabi Emergency, Crisis and Disasters Management Center (ADCMC), one of the ultimate goals of business continuity is its implementation, and the body is committed to compliance with Abu Dhabi entities. Bouncing Back Stronger – Disaster Recovery Disasters can have devastating consequences for businesses, whether caused by human error, technological failures, or natural calamities after business disruption or cyber-attacks. Disaster recovery covers the tools and processes to rebuild and restore IT infrastructure, applications, and data. Effective disaster recovery for the UAE is essential for resuming operations and protecting the whole economy – with its strategic importance in finance and global trade industries. Disaster recovery usually includes the outage period of critical assets in IT, high-end technologies and tools, contact information and communication procedures for the team involved in recovery, and the emergency procedures required in case a calamity strikes. Most disasters can disrupt the entire corporate network and database. Organizations can avoid severe consequences with necessary recovery plans, like losing important data. Disaster recovery plans help businesses operate normally with no interruptions. When such events occur, with a business continuity plan in place and a reliable disaster recovery plan, business operations and continuity become guaranteed, and work is resumed despite the situation. To remain active after a disaster, you need innovative solutions like marinating IT equipment to always be in optimal condition. While creating a comprehensive recovery plan, it is important to note that only some things are under control, and anything can happen to anyone. However, knowing the possible threats in the business, industry, and region helps mitigate the situation. After being aware of the hazards you’re likely to encounter, identify assets that require extra attention, create a recovery plan for each disaster, and replicate data with onsite or offsite cold storage. The UAE is uniquely placed geographically, making it susceptible to threats like occasional flash floods, extreme temperatures, and sandstorms. However, with the technology investment and advanced infrastructure, the country can have a robust incident response, business continuity, and disaster recovery measures. The region has integrated systems that can detect, respond to, and recover from incidents with precision and speed with its smart city initiatives and digital economy. Government bodies, regulatory agencies like the UAE Cyber Security Council, and the private sector have largely contributed to cyber security policies, fostering businesses to adopt best practices. The
The Rise of Cyber Insurance due to an Increase of Cyber Attacks in UAE
As businesses in the UAE adopt advanced technologies like AI, IoT, and blockchain and migrate to cloud-based modes, they experience significant challenges from increasing cybercrimes that result in massive financial losses and operation disruptions. Fortunately, cyber insurance provides financial protection against cyber incidents. Considering the capabilities and benefits this insurance policy offers clients, UAE is witnessing many businesses opting for this strategy as part of their cybersecurity plan. What is Cyber Insurance? According to the UAE Cyber Insurance Market Research Report, cyber insurance “is a specialty insurance product that covers business liabilities for internet-based risks involving sensitive customer information and helps organizations reduce the chances of business disruption during attacks and their aftermath.” Today, organizations increasingly purchase adequate cyber insurance policies to protect themselves from frequent and sophisticated cyberattacks targeting businesses of all sizes and industries. In this case, policyholders entrust third parties to cover them from losses arising from hacking, breaches, data and system destruction, ransomware extortions, and denial of service incidents. In general, cyber insurance policies provide coverage in the following ways: Direct or first-party financial loss to you or your firm arising from a cyber event. Protection against lawsuits filed against you or your firm after privacy or security breaches, including investigations, defense costs, compensation payments, and civil damages. Cyber extortion upon a ransomware attack resolution. However, paying a ransom for attackers to unlock your information and systems should be the last course of action and may require the authorities’ involvement. Protection against damage to digital assets, such as websites. Based on the benefits of cyber risk liability policy, commercial entities of any size should consider the product to mitigate cybersecurity risks. You need the insurance cover if your business processes, stores, or transmits confidential information. Besides, cyber insurance is essential for your cybersecurity posture if your firm uses technology and the internet to conduct business. The State of Cyber Insurance in the UAE The UAE Cyber Insurance Market Research Report indicates that the cyber insurance market will grow at a compound annual growth rate (CAGR) of 25.6 percent between 2023 and 2028. Dubai, Sharjah, and Abu Dhabi are projected to attain the highest market share during the forecast period. Revenue from the cyber insurance sector is also predicted to grow by 10 percent per annum, reaching $10.6 billion in 2025. Large enterprises account for the largest share of the cyber insurance market since they have a massive volume of crucial data stored on-premises or in cloud environments. On the other hand, there is mounting adoption of cyber insurance policies from SMEs facing a burgeoning number of cyberattacks since, unlike large enterprises, small and medium companies lack dedicated security teams and adequate IT budgets. Cyber insurance is common in banking, financial services, and insurance (BFSI) sectors with considerable monetary operations. Other clients include IT and telecommunications, energy and power, healthcare, retail, and defense. Certainly, these industries comprise customers’ confidential information attractive to threat actors. The financial sector holds the largest share of the cyber insurance market since the industry’s rising use of mobile and internet banking makes it more susceptible to attacks. Besides banking, the retail sector’s use of online payment pushes the purchase of insurance covers that promote customer trust. The key players in the cyber insurance industry include Lloyd, AXA, Allianz, Berkshire Hathaway, Cyence, Safeshare, Assicurazioni Generali, PolicyGenius, and Munich Re. Key Drivers of the UAE Cyber Insurance Sector 1. Frequent and sophisticated cyberattacks. The main driver for this advance includes the increasing number of cyberattacks that amplify the need for compliance. The rapid internet penetration, integration of advanced technology into businesses, and adoption of cloud computing have increased the risks associated with online activities, making it necessary to adopt a way to mitigate or transfer risks to insurance companies. 2. Accelerated business digitization strategies Additionally, businesses today provide online presence through online shopping, mobile, and internet banking services. The health sector stores electronic medical records (EMRs), increasing the risk of data and privacy breaches. 3. Increased regulatory scrutiny. UAE is undergoing a development phase of stringent data privacy legislation. The Personal Data Protection Law features an integrated framework to ensure the confidentiality of information and the privacy protection of individuals in the UAE. Organizations can acquire cyber insurance policies for coverage in case of administrative penalties imposed for breach of regulatory provisions. 4. The changing political environment Like any other Gulf country, the UAE has become a target of cyberattacks from state-sponsored threat actors. With the upward trend in these incidents targeting corporate information and critical infrastructure, UAE establishments can invest in cyber insurance policies for liability and financial coverage after an attack. Meanwhile, the Russia-Ukraine war has spurred growth in the likelihood of state-sponsored cyber incidents targeting critical infrastructure, corporations, and military operations globally. GlobalData analyst Amrit Dhami states that such attacks will “Lead to expensive payouts and damage the reputations of those reluctant to pay.” 5. Ransomware attacks in the region Ransomware is a significant threat in the UAGE, with a significant number of businesses having experienced a ransomware attack in the last year. With a cyber insurance policy, ransomware victims can be compensated for business interruption, recovery costs, extortion, or the cost of contracting external experts to help recover from an incident. Challenges of Cyber Insurance in the UAE Cyber insurance policies have expensive premiums that can restrain the sector’s growth. However, insurers offering cyber insurance policies are implementing the following solutions to overcome some of the challenges: AI in cyber insurance: Insurance companies integrate artificial intelligence and machine learning capabilities to enhance their efficiency in accurately predicting cyberattacks. Blockchain: With blockchain attributes, cyber insurance providers can reduce the chances of fraud. The technology’s decentralized and immutable nature enhances trust and customer experience by ensuring all parties access the same information. This capability reduces insurance disputes and expedites settlements. Additional support services: Alongside providing coverage for cyberattack expenses and liabilities, insurance providers in the UAE can offer support services, such as preventative planning, breach response services, and post-breach support. Evidently,
The Changing Nature of Cyber-Attacks Due to the Rise in Cryptocurrencies
The United Arab Emirates (UAE) is well established as a global hub for technology and innovation, with a rapidly growing interest in blockchain and cryptocurrency technology. However, being an ever-evolving business hub and the rising popularity of cryptocurrencies, there comes a different shift, like cyber-attacks targeting institutions, businesses, and individuals. As the UAE embraces digital currencies, it encounters a parallel rise in cyber threats propagated by malicious actors. Consequently, while reaping the benefits of decentralized and digitized transactions, the nation must remain vigilant against evolving threats from cybercriminals. The decentralized nature of cryptocurrencies, attributed to their lack of centralized control, poses a unique challenge. Cryptocurrencies are different because they lack a central authority controlling them. If someone steals the secret code you use to access your cryptocurrency, you cannot get your money back. Unlike traditional financial systems, where recourse mechanisms are often available, the inherent design of cryptocurrencies places the onus squarely on the investor’s shoulders. The cryptographic code – the private key that provides access to one’s holding – is very important. If hackers get this key, there’s no avenue for recovery virtually. It makes investing in cryptocurrencies riskier than normal things like bonds or stocks. Apart from theft of codes, cryptocurrencies provide anonymity that promotes a way for hackers to demand ransom payments in ransomware attacks. Now you understand the pressing need for bolstering cyber security measures in the UAE. The Blockchain Strategy in UAE Cryptocurrencies present a double-edged proposition in the UAE, offering advantages such as expanded financial access, heightened privacy, and decentralized transactions. Notably, the UAE government has proactively embraced the integration of cryptocurrencies and blockchain technology in different sectors like logistics, real estate, and finance, launched by His Highness Sheikh Hamdan. An example of this commitment is the Dubai Blockchain Strategy, a collaboration between the Dubai Future Foundation and the Digital Dubai Office. The Dubai Blockchain strategy was launched to provide impactful, efficient, secure, and seamless city experiences to achieve technological leadership and digital innovation. With its aim to use the potential of blockchain technology, the strategy is set to generate substantial economic opportunities in different city sectors. The strategy perfectly aligns with Digital Dubai’s mission to establish the city as a technology hub in a smart economy, encouraging global and entrepreneurship competitiveness. The successful execution of the strategy will position the UAE among the first blockchain governments globally. Crypto Currency- Driven Cyber Threats Cryptocurrencies have led to the rise of ransomware attacks by allowing the transfer of illicit funds directly to crypto wallets. Apart from providing the recipient’s anonymity, such wallets make recovery efforts difficult. With cryptocurrencies, hackers can move millions of dollars in ransom across national boundaries in seconds and without a trace. Ransomware attacks continue to be a huge threat in the UAE. According to a global study, 77 percent of organizations in the UAE, such as healthcare institutions, critical infrastructure, and even small businesses, suffered at least one ransomware attack in the past years. However, at the beginning of 2023, ransomware attacks have reduced significantly by 70%. Additionally, cybercriminals often impersonate legitimate cryptocurrency exchanges, wallets, or initial coin offerings (ICOs) to trick users into disclosing confidential information such as login credentials and private keys. To thwart such threats, education and awareness campaigns are pivotal. The idea of quick profits from cryptocurrencies makes individuals more susceptible to scams. A victim in Sharjah lost over 1 million dirhams to a crypto scam after a cybercriminal befriended her on WhatsApp. The hacker tricked the victim into investing $12,000 in a crypto trading platform. After making some returns, the victim forked an additional $200,000, only to discover later that she was trading in a fake crypto platform designed to mislead investors into believing they were making real reaturns. Ways to Protect UAE’s Digital Future The rise of cryptocurrencies and the new wave of cyber-attacks needs a multifaceted approach to cyber security. To safeguard the digital landscape, some of the strategies to employ include: 1. Training and Education With the advent of blockchain and cryptocurrencies, everyone is on the line. Individuals have their wallets, and as mentioned earlier, due to the nature of cryptocurrencies, once your code is stolen, there’s no way to recover. Therefore, there’s a need to raise awareness among the country as a whole and not just businesses, organizations, and government entities. The UAE has increased the ability to buy real-world assets with crypto-assets. Surprisingly, even allowed for small transactions like buying a meal. This move is huge; individuals must know what it means before taking these steps. 2. User Empowerment There is a need to train on common cyber threats, best practices, and how to identify potential scams to ensure attacks are prevented. Individuals should be taught basic ways to avoid scams, like not sharing personal information or entertaining anonymous messages and calls. Additionally, it is advisable to use exchange platforms regulated by UAE financial regulators by checking with bodies such as the Abu Dhabi Global Market (ADGM) and Dubai Financial Service Authority (DFSA). Also, with the increased cyber-crimes, the Digital Assets Crime Section of Dubai police was formed to deal with crypto issues. Individuals are urged to always do their due diligence by Tarek Mohammed, the head of the Dubai Assets Crime Section at the Dubai Police. Each user is responsible for staying informed and enabling two-factor authentication. 3. Cybersecurity Investment Both private and public sectors ought to allocate resources to foster cyber security infrastructure like incident response plans, regular security audits, and detection systems. The dangerous thing about crypto transactions is that it’s online, and their anonymous nature can lead to fraud. In fact, in 2021, victims of fraud lost up to 80 Million AED from crypto scam cases. 4. Information Sharing and Collaboration An established framework for sharing threat intelligence among cyber security experts, businesses, and government agencies is key to countering emerging cyber threats effectively. UAE regulators need to continue to emphasize collaboration and information sharing. Emphasis on guidance on best practices, especially ADGM and DFSA, by
Continued Increase of Ransomware in the UAE
A thriving business can face significant harm from a ransomware attack, and businesses in the UAE are highly susceptible to ransomware dangers. So, what is ransomware? It is a malicious program that uses encryption to seize and control a company’s or an individual’s data. When ransomware encrypts your data, you or your organization cannot reach files, databases, or applications. The growing threat of ransomware attacks often leads businesses to pay substantial amounts of money to cyber criminals to reduce the attack’s impact. Apart from paying the ransom, these attacks can cause considerable damage and result in significant financial troubles for companies. Netskope’s solutions engineer, Steve Foster, notes that ransomware in the UAE will continue increasing in 2023 and beyond. “In the coming year, we will likely see more groups performing more devastating attacks, more affiliates being involved in these attacks, newer payloads and tools being used, and newer techniques like collaborating directly with malicious insiders,” he said during an interview with Arabian Business. Ransomware attacks target UAE businesses daily. According to a 2021 report, UAE businesses have paid over 5.1 million UAE dirhams (or $1.4 million) as ransom fees to regain system access after ransomware attacks in the past two years. Additionally, 42% of these enterprises were forced to halt their activities following a ransomware attack. Dr. Mohammed Al Kuwaiti, head of cybersecurity at the Government of the UAE, pointed out a recent case in which a ransomware attack targeted a financial institution. The attackers demanded a ransom of $2 million. However, the institution chose not to comply with the demand, aligning with advice against engaging with such attackers. Dr. Al Kuwaiti also emphasized a recent occurrence involving a UAE-based bank. Fortunately, the bank’s strong security measures successfully prevented the attack. While some organizations can prevent ransomware attacks successfully, the threat has grown in 2023. Ransomware groups pose a significant worldwide threat, expanding their influence into the Middle East. Their deeds have observed an astonishing 77% increase in activity in the first quarter of 2023 compared to a similar period in 2022. According to insights from the Group-IB report, nations within the Persian Gulf area have been particularly singled out. Among these, the UAE comprised 33%, followed by Saudi Arabia at 29% and Kuwait at 21%. However, Kaspersky Security Network reported ransomware attacks decreased in Q2 2023. Kaspersky noted that ransomware incidents in the UAE decreased by 9.5%. Although ransomware might be increasing in certain regions while experiencing a decrease in others, the common trend is the growing complexity and precise focus that the ransomware attackers exhibit. Cybercriminals are currently aiming at a diverse range of organizations, including healthcare and educational institutions, service providers, and industrial enterprises. Recent ransomware attacks on UAE organizations 1. UAE Invest Bank refuses to pay $3 million ransom UAE Invest Bank, a notable financial institution, boasts a significant group of users, particularly Internet banking users. In 2015, a hacker managed to breach the bank’s system, accessing SQL databases, transaction records, and customer details, which included credit card information, purchase sums, and validation codes. The hacker demanded a ransom of $3 million in bitcoins. However, the bank chose not to meet the demand, causing the hacker to publicize the stolen data through a Twitter account. Luckily, there were no financial losses incurred due to this event. 2. Moorfields Eye Hospital falls victim to ransomware group Moorfields Eye Hospital, located in Dubai, faced a cyberattack perpetrated by the AvosLocker ransomware group in 2021. The ransomware group acquired a substantial amount of data in the attack, totaling 60GB. The data encompassed duplicates of ID cards, insurance claims, financial papers, call records from the hospital, internal messages, and more. The breach was likely facilitated through malicious emails or ads containing the malware. The attackers proceeded to encrypt the stolen information, but there was no information on the demanded ransom amount. Despite the security breach, the hospital maintained its operational services without interruption. At the same time, they initiated communication with the affected users and launched an investigative initiative to tackle the breach. 3. Dharma ransomware causes chaos across the UAE companies. A contracting company based in Dubai faced a significant setback when a hacker blocked their access to their computer systems. The ransomware incident affected all organizations contracting the company for various IT systems. The hacker had unleashed the well-known crypto virus named Dharma, which led to the encryption of all their files. The Dharma ransomware is infamous for its worldwide spread and consequences. However, it’s important to note that the decryption process for Dharma (.cezar family) is complex. The hacker demanded a $300 ransom in bitcoins to unlock the affected machines, but the company refused to pay, fearing that the encrypted files would not be restored. What does the increasing ransomware mean for UAE organizations? The increasing occurrence of ransomware attacks in the UAE is causing significant worries for organizations nationwide. As ransomware attacks persistently grow in frequency and complexity, businesses must brace for potential disruptions of core operations, loss of crucial information, financial losses, and damage to their reputation. Furthermore, the exposure of sensitive data may lead to regulatory fines and breaches of data privacy rules. Therefore, UAE organizations must implement strong cybersecurity measures to counter these risks and effectively maintain a robust security posture. Defending against ransomware 1. Prioritize consistent data backups. Defending against ransomware necessitates a multifaceted strategy. Firstly, organizations must prioritize consistent data backups and store them in a secure, isolated environment. Maintaining current backups allows for data restoration in the event of an attack without giving in to the attackers’ demands. 2. Cybersecurity training and awareness. In addition, UAE organizations must prioritize training and awareness for all employees. Educating staff about phishing emails, harmful attachments, and dubious links can considerably decrease the likelihood of ransomware infiltrations that result from human error. 3. Implement robust email security controls. Another security control involves implementing robust email filtering and security solutions as a proven measure that intercepts and blocks such dangers before they reach employees’