Connect with us

Cyber Security

Positive Technologies: 16% of Darkweb Listings Involve Middle Eastern Organisations

Published

on

In 2024, cyber criminals have shifted focus from personal data to stealing company credentials and trade secrets. One in six listings (16%) on the dark web featuring stolen government data involves organizations in the Middle East. This insight comes from Positive Technologies’ first study on data breaches in Russia, the Middle East, and globally. Their experts reviewed over 1,000 dark web listings and 700 public incident reports from the first half of 2024 worldwide.

Credential leaks from organisations hit a record high of 21% in the first half of 2024, up 9 percentage points from last year. The theft of commercial secrets and restricted information rose to 24% in the first half of 2024, an increase of 10 percentage points compared to the same period in 2023. Meanwhile, personal data theft incidents returned to pre-peak levels: dropping to 2022 levels in Q1 2024 to 37%, and then falling to 25% in Q2 2024.

In the first half of 2024, the industrial sector (39%), government agencies (36%), and transportation companies (29%) continued to lead in the share of leaks of commercial secrets and other restricted information. Notable victims include Hyundai Motor Europe and Volkswagen, with the latter losing documents on electric vehicle technology. IT companies are also at risk, with breaches involving internal processes and products accounting for 29% of incidents. In 2024, hackers allegedly accessed the source code of some Apple and AMD software.

Stolen credentials are often used for further attacks on these companies’ clients, primarily government organizations. Credential compromise is typically a step before more severe actions, such as theft of funds or system disruption. Ransomware was used in nearly a third of successful breaches involving data leaks. Dark web listings for government data heavily feature Middle Eastern countries (16%), with Asia (33%) in the lead, followed by Latin America and the Caribbean (18%). These regions are targeted by APT groups, mainly focusing on the public sector. Positive Technologies’ research on APT groups in the Middle East and Southeast Asia provides more details.

“Credentials are frequently sold on dark web forums, a key revenue source for cybercriminals. In March, access to a prominent UAE Bank’s website was listed for $10,000. The rise in these leaks is evident on the dark market—forums now offer access to dozens or hundreds of companies per post. In April, a listing was posted offering access to the infrastructure of 16 companies from various industries across Latin America, the Middle East, Europe, and Asia, with prices ranging from $250 to $5,000. According to the listing’s authors, these firms’ revenues range from $4 million to $2.8 billion. For instance, a UAE-based consumer electronics company with $6.5 million in revenue had its data valued at $400. In June, another listing offered credentials for over 400 companies, including access via Jira, GitHub, and GitLab,” notes Anna Golushko, Senior Analyst at Positive Technologies.

The number of dark web ads offering free information is nearly double those selling it (64% vs. 33%). This is because not all attackers aim to sell data; many demand ransom not to disclose it, though not all victims pay. In the first half of 2024, government organizations were often targeted specifically to steal personal data. More than half of ads on the dark web are priced under $1,000. Every tenth ad belongs to the most expensive category at $10,000 or more.

The most expensive offers (over $50,000) involve major financial institutions, retail giants, and IT companies. In Q2 2024, EDR developer Cylance suffered a cyberattack, resulting in 34 million emails and an unspecified volume of customer and employee data being sold for $750,000. Positive Technologies analysts highlight that every second successful attack on organizations in H1 2024 resulted in the leakage of confidential data. The largest number of incidents occurred in government agencies (13%), IT companies (12%), and industrial companies (11%).

Preventing data leaks requires a comprehensive approach, including tools to protect user devices, corporate networks, and the data itself. As corporate data infrastructures evolve into complex systems that are constantly changing rapidly, a unified solution is essential to safeguard information, regardless of its complexity or location.

Cyber Security

AmiViz Champions Cybersecurity Innovation at Leading MENA Events

Published

on

AmiViz has announced its successful participation in two key regional cybersecurity conferences: MENA ISC 2024 in Saudi Arabia, and CYSEC UAE 2024 in the UAE. These events have served as a platform for AmiViz to collaborate with its top vendors, including Bitsight, Cequence Security, Picus Security, AlgoSec, BlackBerry, Check Point, Tenable, Asimily, and Threatcop, to showcase cutting-edge cybersecurity technologies and solutions.

Throughout these events, AmiViz engaged deeply with partners and customers, gaining invaluable insights into the unique cybersecurity challenges faced in the region. The focus was on promoting new technologies that address these challenges and enhance security protocols for businesses operating in the dynamic Middle Eastern market.

“Our presence at the MENA ISC 2024, and CYSEC UAE 2024 has been a remarkable opportunity for us to not only present our innovative solutions but also to understand firsthand the needs and pain points of our clients,” stated Ilyas Mohammed, COO at AmiViz. “Collaboration with our key vendors has allowed us to offer a comprehensive suite of cybersecurity products and services that cater specifically to the complexities of this region.”

AmiViz’s participation in these events underscores its commitment to advancing cybersecurity readiness and resilience across the Middle East. By leveraging strategic partnerships with leading global vendors, AmiViz continues to bring state-of-the-art cybersecurity solutions to the forefront, helping businesses protect their critical assets against increasingly sophisticated cyber threats.

AmiViz, along with its key vendors, will continue participating in major tech events, with plans for a strong presence at GITEX next month. Following GITEX, the company is gearing up for Black Hat in Saudi Arabia this November, showcasing its cutting-edge cybersecurity solutions to the region.

Continue Reading

Cyber Security

UAE and Saudi Arabia Face Unprecedented 70% Rise in Threats: Positive Technologies

Published

on

Positive Technologies experts have unveiled comprehensive research on the shadow market of cybercriminal services targeting the Gulf countries. The UAE and Saudi Arabian organizations remain in the crosshairs of cybercriminals, and over half of all posts on darknet forums are about selling data and access to local companies’ infrastructures. Researchers have highlighted a sharp increase in the free distribution of such data on the dark web, along with a surge in reports of DDoS attacks targeting the public sector and other industries. One in five ads analyzed was related to buying or selling access, with two-thirds available for under $1,000.

According to the research, cybercriminals remain focused on the two largest economies in the region—the UAE (40% of all posts) and Saudi Arabia (26%). The spotlight on darknet forums is on the public sector, which accounted for 21% of all analyzed posts. Most of the data (63%) related to regional government institutions was published for free as part of hacktivist attacks. Next in line for most popular on the dark web are commerce (16% of all ads), the service sector (15%), and financial institutions (13%).

Amid geopolitical tensions, hacker groups have ramped up calls for DDoS attacks and breaches to disrupt government institutions in the region. In the first half of 2024, the number of reports on the results of DDoS attacks on the dark web surged by 70% compared to the same period in 2023. Beyond the public sector, hacktivists also targeted the financial and transportation sectors.

According to the research, 33% of all the analyzed ads were linked to data breaches. One-third of these messages were about selling information. In these ads, criminals primarily offered databases stolen from major commerce companies, with an average cost of $2,300.

Positive Technologies analyst Anastasiya Chursina commented, “When compared to our previous research over a similar period, the share of freely distributed data almost doubled (up to 59%). This allows criminals to broaden the profiles of potential victims for targeted attacks. If the victim refuses to pay the ransom, both ransomware groups, as well as hacktivists (whose goal is to draw public attention to a political stance rather than just receive financial gain), can distribute data for free.”

Accessing company information resources is the second most common type of dark web ads, making up 21% of all listings. According to the research, in 70% of all cases, access can be bought for less than $1,000. The vast amount of access-for-sale ads on the darknet and their low cost make it easier for cybercriminals to gain initial access and launch attacks on organizations in the region.

Positive Technologies recommends that companies build their defences based on result-driven cybersecurity, using modern tools such as application-level firewalls, including cloud versions, network traffic analysis systems, solutions for monitoring information security events and managing incidents, as well as metaproducts.

Continue Reading

Cyber Security

BotGuard OÜ to Offer Live Demos at GITEX GLOBAL 2024

Published

on

BotGuard OÜ will present its intuitive, user-friendly cybersecurity solution at GITEX GLOBAL 2024, focusing on effective bot protection. Live demonstrations in Hall 25 stand H25-21 will showcase the ease and efficiency of the technology in securing websites against malicious attacks. “Our participation in GITEX GLOBAL 2024 underscores our commitment to addressing the escalating malicious bot attacks faced by organizations worldwide,” said Bertil Brendeke, Chief Revenue Officer (CRO) of BotGuard OÜ. “At GITEX, we aim to engage with industry leaders and stakeholders, sharing our expertise and practical technologies that can help fortify their defences.”

In 2023, 17% of API attacks involved bad bots exploiting business logic vulnerabilities. For hosting companies, such vulnerabilities can lead to unauthorised access to sensitive customer data or control over hosting resources, further emphasizing the need for reliable security protocols and regular audits of their systems. “BotGuard OÜ’s solutions are designed to address these exact challenges, enabling businesses to safeguard their digital assets. The technology is incredibly easy to use, making it accessible for businesses of all sizes,” the company said.

By participating in GITEX GLOBAL 2024, BotGuard OÜ aims to expand its reach in the Middle East, providing local businesses with the tools they need to combat cyber threats effectively. During the event, live demonstrations in Hall 25 stand H25-21 will showcase how their website protection can be set up within a minute. These demonstrations will highlight the efficiency and effectiveness of BotGuard’s solutions.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.