Connect with us

Market Research

A Third of Saudi and UAE Employees Think They Have Put Highly Sensitive Data at Risk in the Past 12 Months

Published

on

Western Digital has released data exploring the attitudes and behaviours of over 634 employees (data users) and employers (data managers) around highly sensitive data in the Middle East. The research found that 77 percent of data managers believe employee behaviour is a bigger threat to their highly sensitive data than external hackers and that almost a third (32 percent) of data security incidents originates with employees.

In summer 2021, Western Digital spoke to 210 managers and 424 data users in Saudi Arabia and the UAE. Respondents work in media and entertainment, the public sector, legal professional services, healthcare and financial services, and in businesses ranging in size from small (10-99 employees) to enterprise (5000+ employees).

Data users are aware of the risks. In fact, 32 percent of data users surveyed think they have put highly sensitive data at risk in the past 12 months. This is further confirmed by just under two-thirds (60 percent) of data managers stating that they have seen security threats and incidents increase over the same time period.

However, data users continue to fall into the trap of using poor security practices, especially when it comes to data sharing and storage. Almost three-quarters (73 percent) of data users have access to data they shouldn’t, this is worrying as 82 percent of data managers think data security could be improved in how they store and transmit highly sensitive data.

Risky Security Practices
Remote and hybrid working styles have become the new norm with 89 per cent of data users claiming that they work on collaborative projects that require data sharing. But, these collaborative and remote ways of working have widened the evolving threat landscape and exposed some major risks. The top five risks cited by data managers are just the tip of the iceberg. Almost two in five (39 per cent) of data users said that they share physical hard disks (HDDs) and solid-state drives (SSDs) with colleagues at work in order to share data. While, 36 per cent of data users admitted to sharing their work devices with family and friends, and 32 per cent admitted to taking sensitive data with them when they left an organisation. 

Sharing Data
There remains a clear gap in employee behaviour between the data sharing method used and their assumption of what the most secure way to share sensitive data is. The most common methods for sharing or transmitting highly sensitive data by employees were email (49 per cent) and cloud or online file sharing (40 per cent), ahead of HDD / SSD (39 per cent) and USB drives (28 per cent). These figures suggest ease of use and familiarity are key factors in the decision-making process for data users when it comes to how to share sensitive data.

However, 93 per cent of data managers want more control over how their data is stored and shared. Coupled with the belief that data security needs immediate improvement, almost two thirds (63 per cent) of data mangers expect to see their use of physical drives (HDDs and SSDs) increasing in the next two years, due to the encryption and security features these technologies can offer. Some features that organisations believe are very important when it comes to using physical drives for highly sensitive data include:

  • Consistent performance and reliability (78 per cent)
  • Encryption (70 per cent)
  • Enhanced control / being able to protect data remotely if the drive is lost or stolen (66 per cent)
  • Large capacity (64 per cent)
  • Improved authentication (61 per cent)

Ultimately, 84 per cent of data managers say HDDs or SSDs with encryption or security features address many of the concerns companies may have had about this technology.

Khwaja Saifuddin, Senior Sales Director for Middle East, Africa & South Asia at Western Digital concluded: “In today’s business environment, increased security risks, employee behaviour and the sheer volume of data produced, can make it difficult for organisations to stay on top of security and storage challenges. As technology advances, employees and employers are looking for ways to store and share sensitive data more securely. The combination of the right infrastructure, integrated with encryption platforms, to store and share sensitive data, and the education of employees of the threats they may be exposing their organisation to will go a long way to improving the threat landscape and reducing risk.”

Country Stats

Saudi Arabia

  • Over a quarter (26 per cent) of data users in Saudi Arabia think they’ve put highly sensitive data at risk in the last 12 months
  • 52 per cent of data managers in Saudi Arabia have seen data security threats and incidents increase in the last 12 months
  • 78 per cent of data managers from Saudi Arabia agree that employee behaviour is a bigger threat to highly sensitive data than external hackers
  • Saudi Arabian data managers estimate that just over a quarter (27 per cent) of security incidents originate from employees. The most common methods for sharing or transmitting highly sensitive data by employees in Saudi Arabia were email (48 per cent), cloud or online file sharing (41 per cent), and HDD / SSD (41 per cent), ahead of USB drives (21 per cent)

UAE

  • Over a third (37 per cent) of data users in the UAE think they’ve put highly sensitive data at risk in the last 12 months
  • 69 per cent of data managers in the UAE have seen data security threats and incidents increase in the last 12 months
  • 76 per cent of data managers from the UAE agree that employee behaviour is a bigger threat to highly sensitive data than external hackers
  • Data managers from the UAE estimate that over a third (36 per cent) of security incidents originate from employees. The most common methods for sharing or transmitting highly sensitive data by employees in the UAE were email (50 per cent) and cloud or online file sharing (39 per cent), ahead of HDD / SSD (28 per cent) and USB drives (24 per cent)

Cyber Security

Phishing and Scam Hit the Roof in UAE with 230% Increase in Q2 2022: Kaspersky

Published

on

Kaspersky analysis has revealed that attacks related to data loss threats (phishing and scam/social engineering) increased significantly in Q2 2022 at 230% in comparison with the previous quarter in the UAE – the company’s security solutions have detected 3,481,419 phishing attacks in the UAE in Q2.

Social engineering which is sometimes called “human hacking” scams is used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts. In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised.

Phishing is a strong attack method because it is done on a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. Phishers deploy a variety of tricks to bypass e-mail blocking and lure as many users as possible to their fraudulent sites. A common technique is HTML attachments with partially or fully obfuscated code. HTML files allow attackers to use scripts and obfuscate malicious content to make it harder to detect and send phishing pages as attachments instead of links.

According to Kaspersky data, most of Middle East countries saw a staggering increase in attacks related to data loss threats by 159% in the second quarter of 2022 with 15,012,880 phishing scam detections. The highest targeted country was Saudi Arabia with 5,808,946 phishing attacks (a growth by 168%). In particular, while vacation season is high, scammers are trying to lure travellers who are looking for interesting places to go, cheap places to stay and reasonably priced flights. Kaspersky researchers have observed intensified scamming activities, with numerous phishing pages distributed under the guise of airline and booking services. The number of attempts to open phishing pages related to booking and airline services in the first half of 2022 was 4,311 in the META region.

“Planning a vacation is not easy. People can spend weeks, even months, looking for the perfect place to stay and the tickets to get them there. Fraudsters use this to lure users that have grown tired of searching for great deals. After two years of flight restrictions imposed by the pandemic, travelling is back. But so are travel scams – with intensified scamming activity targeting users through fake booking and rental services. Such attacks are totally preventable, which is why we urge users to be sceptical about overly generous offers. If an offer seems too good to be true, it probably is,” comments Mikhail Sytnik, a security expert at Kaspersky.

To keep yourself protected, Kaspersky experts recommend:

  • Carefully look at the address bar before entering any sensitive information, such as your login details and password. If something is wrong with the URL (i.e. spelling, it doesn’t look like the original or it uses some special symbols instead of letters) don’t enter anything on the site. If in doubt, check the certificate of the site by clicking on the lock icon to the left of the URL.
  • Not clicking on links that come from unknown sources (either through e-mails, messaging apps or social networks).
  • Visit the business’ official website if you see a giveaway offered in e-mail or on social media by a travel company or an airline to confirm the giveaway exists. You should also carefully check the links the giveaway ad leads you to.
  • Using a good security solution that can protect you from spam emails and phishing attacks.
Continue Reading

Cyber Security

Cyber Attacks Have Increased Globally by 42% with Ransomware as the Number One Threat

Published

on

Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies Ltd., has released its ‘Cyber Attack Trends: 2022 Mid-Year Report’. The report highlights how cyberattacks have become firmly entrenched as a state-level weapon, including the new ransomware method of ‘Country Extortion’ and state-affiliated hacktivism, and the expansion of ransomware as the number one threat.

Besides insight into the evolution of cyberattacks as a state-level weapon complementing actual military conflict and the elevation of ransomware utilized in nation-state level attacks for financial and social gain, the report also delves into the growth of cloud supply chain attacks through new sources of modules in the open-source community. Up-to-date statistics on the industry and regional cyberattacks as well as advice and predictions for the remainder of 2022 including an analysis of Incident Response exploring the full lifecycle of a cyberattack, presents an integrated view of how cyberattacks have led to major disruption, causing real harm to civic and cyber life in 2022.

“The war in Ukraine has dominated the headlines in the first half of 2022 and we can only hope that it will be brought to a peaceful conclusion soon,” said Maya Horowitz, VP of Research at Check Point Software. “Its impact on cyberspace has been dramatic in both scope and scale, and we have seen huge increases in cyberattacks against organizations in all sectors and all countries this year. Unfortunately, this will only get worse, especially with ransomware now being the number one threat to organizations. However, with the right expertise, strategy and cybersecurity solutions in place, companies are able to prevent attacks from happening.”

Top predictions for H2 highlighted in the report include:

  • Ransomware will become a much more fragmented ecosystem– while ransomware groups have become more structured and operate like regular businesses, with set targets to hit, there will be a lesson learned from the Conti ransomware group, whose size and power garnered too much attention, which led to its downfall. Going forward, we think there will be many small-medium groups instead of a few large ones, to hide in plain sight more effectively.
  • More diverse email infection chains – due to the implementation of internet macros being blocked by default in Microsoft office, the more sophisticated malware families will accelerate the development of new infection chains, with different file types that are password protected to prevent detection as sophisticated social engineering attacks increase.
  • Hacktivism will continue to evolve– hacktivist groups will continue to align their attacks with the agenda of their chosen nation-state, particularly as the Russia-Ukraine war is still ongoing.
  • Continued attacks on decentralized blockchain networks with expected first attacks in Metaverse– with major incidents relating to blockchain platforms, such as a vulnerability on Rarible marketplace or ApeCoin Airdrop vulnerability, we expect to see continued efforts by hackers to breach and hijack crypto assets. In addition, we believe that we will see initial attacks in the Metaverse that will exploit smart contract vulnerabilities.
Continue Reading

Cyber Security

Wipers and IoT Botnets Dominate the Threat Landscape, says Nozomi Networks

Published

on

The latest OT/IoT security report from Nozomi Networks Labs finds wiper malware, IoT botnet activity, and the Russia/Ukraine war impacted the threat landscape in the first half of 2022. Since Russia began its invasion of Ukraine in February 2022, Nozomi Networks Labs researchers saw activity from several types of threat actors, including hacktivists, nation-state APTs, and cyber criminals. They also observed the robust usage of wiper malware, and witnessed the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.

Additionally, in the first half of 2022, malicious IoT botnet activity was on the rise and growing in sophistication. Nozomi Networks Labs set up a series of honeypots to attract these malicious botnets and capture their activity in order to provide additional insights into how threat actors target IoT. In this research, Nozomi Networks Labs analysts uncovered growing security concerns for both hard-coded passwords and internet interfaces for end-user credentials. From January to June 2022, Nozomi Networks honeypots found:

  • March was the most active month with close to 5,000 unique attacker IP addresses collected.
  • The top attacker IP addresses wereassociated with China and the United States.
  • “root” and “admin” credentials were most often targeted and used in multiple variations as a way for threat actors to access all system commands and user accounts.

On the vulnerability front, manufacturing and energy continue to be the most vulnerable industries followed by healthcare and commercial facilities. In the first six months of 2022:

  • CISA released 560 Common Vulnerabilities and Exposures (CVEs)– down 14% from the second half of 2021
  • The number of impacted vendors went up 27%
  • Affected products were also up 19% from the second half of 2021

“This year’s cyber threat landscape is complex,” said Roya Gordon, Nozomi Networks OT/IoT Security Research Evangelist. “Many factors including increasing numbers of connected devices, the sophistication of malicious actors, and shifts in attack motivations are increasing the risk for a breach or cyber-physical attack. Fortunately, security defenses are evolving too. Solutions are available now to give critical infrastructure organizations the network visibility, dynamic threat detection, and actionable intelligence they need to minimize risk and maximize resilience.”

Nozomi Networks’ “OT/IoT Security Report” provides security professionals with the latest insights needed to re-evaluate risk models and security initiatives, along with actionable recommendations for securing critical infrastructure. This latest report includes:

  • A review of the current state of cybersecurity
  • Trends in the threat landscape, and solutions for addressing them
  • A recap of the Russia/Ukraine crisis, highlighting new related malicious tools and malware
  • Insights into IoT botnets, corresponding IoCs and threat actor TTPs
  • Recommendations and forecasting analysis
Continue Reading
Advertisement


Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.