NCSC, Jordan tackles 915 incidents in Q4 2023

PHOTO

AMMAN — The National Cyber Security Centre (NCSC) dealt with 915 cyber incidents during the fourth quarter of 2023, primarily targeting critical government networks, ministries, and key institutions, as noted in the centre's cybersecurity situation report published recently.

The report sheds light on a meticulous response effort, with the cyber incident response team executing 30 operations and undertaking 31 digital analyses to scrutinise evidence associated with these incidents, according to the Jordan News Agency, Petra.

The incidents varied in severity, with 21 per cent classified as low-risk, 2 per cent as serious, and 77 per cent as medium-risk.

The cyber threats identified included ransomware 4.48 per cent, hacking attempts 5.25 per cent, and malware incidents, both for information collection 8.63 per cent and general malware 55.85 per cent, which remained prevalent.

Examinations of government servers and institutions unveiled a surge in security vulnerabilities, escalating to 124,901, marking a 51 per cent increase compared with the previous quarter, in addition, 810 vulnerabilities were discovered across 113 government websites, reflecting a 14 per cent rise.

Penetration tests increased to 72, detecting 87 vulnerabilities, which is 61 per cent higher compared with the preceding quarter. These vulnerabilities were categorised as medium-risk 13 per cent, high-risk 22 per cent, serious 25 per cent, and low-risk 40 per cent.

Critical national cyber risks included the use of unlicensed or outdated software, open protocols without data encryption, insecure network protocol configurations, and exposed internal services. These risks were categorised by severity as high 14 per cent, critical 10 per cent, normal 9 per cent, medium-risk 31 per cent, and low-risk 36 per cent.

The report underscored that cyber incidents surged by 100 per cent compared with the previous quarter, attributing this increase to enhanced threat detection capabilities, expanded monitoring scope, and increased digitalisation efforts across institutions.

The 75 per cent increase in malware incidents and indicators of policy non-compliance underscored systemic weaknesses in cybersecurity practices across organisations, highlighting the need for robust cybersecurity measures, the report added.