And according to UAE media outlet The National, instances of malware-based cryptojacking, in which personal devices are “zombified” and forced to mine cryptocurrencies, are twice as common in the United Arab Emirates than anywhere else in the world.
The UAE is known globally for rapid, even “hyper,” modernization, and the country has been an epicentre of lifestyle-related innovation.
Motivations for cryptojacking attacks targeting that region’s devices are financial, says Sedani. “They know companies are doing better here than in other parts of the world.”
Symantec says malware attacks against targets in the Middle East have increased steadily since 2017.
The company claims that 1 out of every 183 emails (0.5%) circulated in the UAE last year continued a malicious link designed to infect devices with malware.
The global average is 1 out of 412, or 0.2%.
Phishing emails designed to procure personal information from possible targets were also abnormally common in the UAE, and represented 1 out of every 2312 emails moving in the Emirates.
The global average or 1 in 3207.
Companies with more that 2500 employees were the most likely to be targeted by malware or phishing campaigns, said Sedani. Smaller firms with between 500-1000 have so far been preferred in spam attacks, he said.
Cybersecurity researchers have noted that, generally speaking, as large enterprises tighten security in response to an increasing prevalence of cyberattacks, attackers are starting to switch focus on targeting smaller firms and public institutions, where cybersecurity budgets are typically more modest.
Smaller firms and public institutions are strongly advised to keep back ups of all data, to train employees to reject unverified emails, and to ensure the company is subscribed to anti-malware software that regularly updates.
Data held in computer systems at the Boston public defenders’ office was recently locked up in a ransomware attack that led to weeks-long delays of certain trials.
Aluminum producer Norsk Hydro also had production interrupted at European and American facilities in March when malware locked down data triggered vats of molten metal to be switched off.
American legal intelligence newsletter JD Supra recently reported that 22% of American law firms reported a cyberattack or data breach in 2017.
Sedani confirmed that attacks on smaller organizations are mounting:
“Bigger companies tend to have more resources to go after vulnerabilities and shore up their security controls…Attacks on smaller companies are flourishing here.”
Sedani also claimed that malware and phishing attack methods are advancing so quickly that it is hard for cybersecurity firms to catch up.
With regards to malware infection of “smart” (Internet-connected) devices, including Internet-enabled fridges, televisions, home communications, lighting, heating and other control systems cryptocurrencies, Sedani warned:
“There is no way you can know if a device has been compromised unless you have an advanced security system.”