Market Research
GDPR Fines Hit Nearly €100 Million in H1 2022

The General Data Protection Regulation (GDPR) is a regulation in the EU that controls how all personal data on EU citizens is collected and processed. The legislation covers various privacy aspects, from cookies to monitoring employees in the workplace.
Worth noting that if a company outside of the EU gathers data from users inside the EU, it must adhere to the GDPR. Those who fail to comply with the GDPR requirements receive hefty fines. An analysis by Atlas VPN reveals that GDPR fines hit a total of €97.29 million in the first half of 2022, an increase of 92% over H1 2021.
The data for the analysis is extracted from Enforcementtracker. Please note that not all penalties are made public. The chart below shows monthly GDPR fines for H1 2021 and H1 2022. Companies and individuals were charged a total of €50.6 million in GDPR penalties in H1 2021. On the other hand, legal cases slightly decreased from 215 in 2021 to 205 in 2022.
In other words, even though the number of GDPR violations slightly decreased in 2022, the severity of those violations was considerably worse. The most noticeable difference between 2021 and 2022 can be seen in February, where the total amount penalized differs by nearly €28 million.
On the other hand, there is a distinctive trend throughout both years – around 70% of fines happen throughout the first quarter. In June 2021, the State Commissioner for Data Protection (LfD) of Lower Saxony imposed a fine of €10.4 million on notebooksbilliger.de AG. The German company had monitored its employees by video for at least two years without any legal basis.
The inadmissible cameras recorded, among other things, workplaces, sales rooms, warehouses, and common areas. The company countered by stating that surveillance aimed to prevent and investigate crimes and track goods in warehouses.
However, video surveillance is only lawful when justified suspicion against specific individuals exists. If that is the case, it is allowed to monitor them with cameras for a particular period. Yet, in this case, the monitoring was not limited to specific employees or a time.
In May 2022, the Information Commissioner’s Office (ICO) fined Clearview AI Inc £7,552,800 for using images of people in the UK and elsewhere collected from the web and social media to create a global online database that could be used for facial recognition. Clearview AI Inc has collected more than 20 billion images of people’s faces and data from publicly available information. It did not inform any persons that their images were being collected or used this way.
In addition, the company effectively monitors the behaviour of those individuals and offers it as a commercial service. The GDPR was necessary because the old laws were written before the emergence of new technologies, like smartphones and tablets, which meant that users were not protected against enterprises abusing their personal information.
Luckily, the GDPR gave individuals more clarity on how and why businesses use their data. In addition, the GDPR also considerably limited the data businesses can collect, allowing individuals to browse the web and use services with much more privacy.
Cyber Security
The Average Time to Investigate a Cybersecurity Incident is Around 26.1 Days, says Binalyze

With the intricacies of the digital world growing exponentially, the relevance of effective and timely Digital Forensics and Incident Response (DFIR) cannot be overstated. Recognising this need for insight, Binalyze, in collaboration with the global market intelligence firm IDC, is excited to publish a compelling new report: “The State of Digital Forensics and Incident Response 2023”.
Based on an extensive survey conducted in June 2023, the study brings into focus the perspectives of over 100 cybersecurity professionals from five Middle Eastern countries. This diverse respondent pool consists of individuals directly influencing the cybersecurity functions within their organizations, with roles spanning SOC analysts, DFIR professionals, Incident responders, Threat hunters, SOC managers, and Directors.
The key findings of the report are critical for anyone involved in DFIR, from SOC teams to individual analysts and investigators. Report highlights include:
- According to the research and subsequent analysis, the average time to investigate an incident is approximately 26.1 days, and the time to resolve incidents is an additional 17.1 days.
- The importance of reducing “detection-to-resolution” times for efficient incident management.
- The ongoing skills shortage: 81% of respondents identified this as a major challenge.
“Our world thrives on digital connections, but with this connectivity comes vulnerabilities. As the frequency and intensity of cyber threats surge, the importance of DFIR in understanding, mitigating, and learning from these threats is paramount. There is a real and urgent need for forensic visibility at speed and scale. AIR is a game changer here and should be at the centre of all SOCs DFIR effort,” says Ahmet Öztoprak, Senior Sales Director of META at Binalyze.
This report serves as both a wake-up call and a guide. By leveraging the insights from the top cybersecurity professionals in the Middle East, ‘The State of Digital Forensics and Incident Response 2023’ aims to provide companies with the knowledge and solutions they need to combat emerging cyber threats effectively and maintain resiliency.
Cyber Security
Cybercriminals Used Malware in 7 Out of 10 Attacks on Individuals in the Middle East

Positive Technologies analyzed attacks on individuals in Middle Eastern countries between 2022 and 2023. Malware was used in 70% of successful attacks. More than half of these attacks involved spyware. The vast majority of attacks used social engineering techniques. In 20% of phishing campaigns, the attack was multi-pronged, exploiting multiple social engineering channels simultaneously.
“According to our data, cybercriminals employed malware in 7 out of 10 successful attacks on individuals in the Middle East region. More often than not, the attackers infected users’ devices with spyware (three out of five malware attacks). This type of malware collects information from the infected device and then passes it on to the attacker. Depending on the task, spyware can steal personal and financial data, user credentials, as well as files from the device’s memory,” the company said.
Positive Technologies Information Security Research Analyst Roman Reznikov said, “By using spyware, attackers can compromise not only personal and payment information and personal accounts, but also corporate credentials, network connection information, and other sensitive data. The stolen data is then offered for sale on the dark web forums. As a result, a skilled attacker can gain access to an organization and carry out a successful attack, leading to non-tolerable consequences: disruption of technological and business processes, theft of funds, leakage of confidential information, attacks on customers and partners.”
In the vast majority (96%) of successful attacks on individuals in Middle Eastern countries, social engineering techniques were employed. Most often, these were mass attacks in which the criminals aimed to reach the maximum number of victims. To achieve this, they actively leveraged current news about significant global and regional events, including the 2022 FIFA World Cup Qatar.
In every fifth (20%) phishing campaign, the attack was multi-pronged, exploiting multiple social engineering channels simultaneously. Criminals led the victims through a series of steps until the device was infected and data stolen. For instance, users could be lured through social media accounts that contained links to a messenger channel from which the victim would install a malicious application.
One of the reasons for the success of social engineering is the numerous data leaks from various organizations. “According to our research on the cybersecurity threatscape in the Middle East, 63% of successful attacks on individuals in the region resulted in leaks of confidential information. The majority of stolen information consisted of personal data (30%) and account credentials (30%). Cybercriminals were also interested in payment card data (10%) and user correspondence (8%).” the company added.
On the dark web, malicious actors sell information about users and also provide stolen data archives for free. Criminals use the compromised information in subsequent attacks on users. For example, a successful attack on a bank could result in fraudulent actions against its customers. Cybersecurity experts recommend that users follow cyber-hygiene rules.
Companies also need to ensure the security of employee and customer data. Data breaches cause reputational and financial damage and put at risk users whose information has been compromised. To maintain cyber-resilience, it’s essential to regularly assess the effectiveness of security measures and pay special attention to the verification of non-tolerable events.
Market Research
Cybercriminal Forums Host Attack & Evasion Research Contests, Says Sophos

Sophos has announced its discovery regarding the role of research contests within cybercrime forums. These contests serve as a source of inspiration for the development of new attack techniques and methods to evade detection. Remarkably, these contests closely resemble legitimate security conferences’ “Call For Papers” and offer substantial financial rewards, peer recognition, and potential job opportunities to the winners.
Sophos X-Ops has detailed these findings in its latest report, titled “For the Win? Offensive Research Contests on Criminal Forums.” The primary objective of these contests is to foster innovation, and upon closer examination, the submitted entries provide invaluable insights into how cybercriminals strategize to overcome security challenges.
Interestingly, the landscape of these criminal forum competitions has evolved significantly over time. In the early days, cybercrime contests featured trivia quizzes, graphic design competitions, and guessing games. However, contemporary criminal forums are now encouraging attackers to submit comprehensive articles on technical subjects, complete with source code, videos, and screenshots. Following the submission, all forum users are invited to vote for the contest’s victor. Nevertheless, it’s worth noting that the judging process isn’t entirely transparent, as forum owners and contest sponsors also hold influence over the final decision.
“The fact that cybercriminals are running, participating, and even sponsoring these contests, suggests that there is a community goal to advance their tactics and techniques. There is even evidence to suggest that these competitions act as a tool for recruitment amongst prominent threat actor groups,” said Christopher Budd, director of threat research, Sophos. “While our research shows an increased focus on Web-3 related topics such as cryptocurrency, smart contracts and NFTs, many of the winning entries had a broader appeal and could be put to practical use, even if they weren’t particularly novel. This may be reflective of the priorities of the community but could indicate that attackers keep their best research to themselves as they can profit more from using them in real-world attacks.”
Sophos X-Ops delved into the examination of two notable annual competitions: one hosted by the Russian-language cybercrime platform Exploit, which offered a substantial prize pool of $80,000 to its 2021 contest winner, and another conducted on the XSS forum, featuring a prize fund of $40,000 in the year 2022. These contests have received sponsorship from influential figures within the cybercriminal community over several years, with notable contributors including All World Cards and Lockbit.
In the most recent iterations of these contests, Exploit centered its competition around the theme of cryptocurrencies, whereas XSS broadened its scope to encompass various topics, ranging from social engineering and attack vectors to evasion tactics and scam proposals. Many of the victorious entries concentrated on the exploitation of legitimate tools, such as Cobalt Strike. One of the runners-up even shared a tutorial on targeting initial coin offerings (ICOs) to raise funds for a new cryptocurrency, while another provided insights into manipulating privilege tokens to disable Windows Defender.
-
Cyber Security5 days ago
Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
-
Channel Talk7 days ago
CyberKnight Partners with NightDragon to Bring New Cybersecurity Innovations to the META Region
-
Artificial Intelligence5 days ago
The 43rd Edition of GITEX GLOBAL to Take Place From 16th to 20th October 2023
-
Artificial Intelligence1 week ago
F5 to Show Off Multi-Cloud Networking and AI Solutions at GITEX 2023
-
Channel Talk1 week ago
CrowdStrike Intros Accelerate Partner Program
-
News1 week ago
Check Point Software Completes Acquisition of Perimeter 81
-
Cyber Security7 days ago
Cybercriminals Used Malware in 7 Out of 10 Attacks on Individuals in the Middle East
-
Cyber Security5 days ago
The Average Time to Investigate a Cybersecurity Incident is Around 26.1 Days, says Binalyze