PHOTO
Middle Eastern findings from EMEA Advanced Threat Report show that organizations in Saudi Arabia, Qatar and the UAE are among the most exposed to advanced targeted attacks
Dubai, UAE – FireEye, Inc., the leader in stopping today’s advanced cyberattacks, recently announced an overview of the threat landscape in the EMEA (Europe, Middle East and Africa) region for the first half of 2016 in its latest Advanced Threat Report for Europe and the Middle East.
Based on findings from the FireEye® Dynamic Threat Intelligence™ (DTI™) cloud between January and June 2016, 96 percent of global organizations were unknowingly breached as threat actors of all kinds increasingly evade traditional security products. The report explores how nation-state based threat actors and cybercriminals conduct espionage and target organizations in the EMEA region.
Key findings from the Middle East include:
· Organizations in Saudi Arabia, Qatar and the UAE were among the most exposed to advanced targeted threats in the Middle East. FireEye observed actors specializing in money laundering targeting prepaid online and mobile payment systems. These systems can be used to purchase a wide variety of goods and services, making them useful for laundering and monetization activities. It is also possible that actors are looking to steal the balances of accounts with these systems.
· 19% of organizations observed during this period in Saudi Arabia were exposed to at least one targeted attack. This figure was 14% and 11% for Qatar and the UAE respectively.
· 28% of government organizations observed during this period were exposed to at least one targeted attack.
· China-based espionage actors targeted a variety of industries in the Middle East. Their motivations included obtaining data related to political, military, and economic issues affecting Southeast Asia. In the past, threat actors such as China-based APT22, APT27, and APT30 have targeted organizations in the Middle East.
· Substantial espionage activity was detected from Iran-based threat actors. Iranian activity included targeting key industries such as aviation, finance, government, technology, and telecommunications in countries including Saudi Arabia, the UAE, Bahrain and Oman.
· Energy, Government and the Financial Services sectors were the most targeted verticals in the Middle East during the first half of 2016. Specific targets included oil production facilities and industrial control systems (Energy); foreign and defence ministries (Government); retail banks, investment banks and sovereign wealth funds (Financial Services).
· Ransomware is an increasingly common threat to organizations in the region and a favoured tool in extortion campaigns. Compared to 2015, the first half of 2016 saw a major spike in ransomware activity. As prevention technology improves, ransomware creators and cybercriminal groups quickly move to new variants.
· Much like the second half of 2015, the usage of macro malware to deliver malicious payloads continued to increase. Certain Microsoft Office documents, such as Word or Excel files, contain malicious code, called macros, and are distributed online, usually masquerading as harmless emails. Once these infected documents are opened by an unsuspecting user, the macros automatically infect the computer in question.
“FireEye is on the frontlines of the most pressing cyberattacks in the region and it’s crystal clear the cyber domain is the new front for supremacy,” says Mohammed Abukhater, Regional Director for the Middle East and North Africa at FireEye. “The strategic and economic importance of the region’s oil reserves, as well as contentious geopolitics, have made the Middle East a ripe target for both regional and external groups. These threat actors use cyberattacks as a low-cost and low-risk substitute for conventional means of inflicting damage on rival states and organizations. While some Gulf states have made substantial efforts to enhance their cyber security, further investments are needed to shift the balance of power away from the attackers.”
About FireEye, Inc.
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,000 customers across 67 countries, including more than 940 of the Forbes Global 2000.
© 2016 FireEye, Inc. All rights reserved. FireEye, Dynamic Threat Intelligence, DTI and Mandiant are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
For media enquiries:
Adnan Bashir
abashir@golin.ae
+971 56 6047995
© Press Release 2016
