Cases handled by Oman National CERT:

  • 2,334 Security incidents in 2018
  • 1,829 Security incidents in 2017
  • 1,744 Security incidents in 2016
  • 432,978 Cyberattack attempts in Oman
  • 71,472 Cyberattacks against Omani websites

Sultanate of Oman: More than 430 thousand cyberattack attempts within the Omani cyberspace and more than 71 thousand cyberattacks against websites in Oman, this was announced during the National Cybersecurity drill that started yesterday, Monday.

The drill was organized by the Information Technology Authority )ITA(, represented by the Oman National CERT, and held in Kempinski Hotel, Al-Mouj Muscat between 9th and 11th of this September. The event , under the topic of “Malware and Dark Web”, hosted more than 72 government entities and critical infrastructure sectors such as banks, utilities, transport, logistics and oil and gas.

Response and Mitigation

The drill aims to evaluate the readiness of cybersecurity response teams of the participating organizations and develop national capabilities and skills in this area.

The drill is a practical simulation of real-world cybersecurity incidents by using simulated scenarios based on the most common security threats and attacks nationally and worldwide. The drill will discuss several topics such as crypto-currency mining malware, phishing attacks, interactive protection simulation and dark web.

Malicious software (Malware)

In her speech representing ITA, Aziza Sultan Al Rashdi (director of Professional Cybersecurity Services of the Oman National CERT) highlighted the importance of having the malware and dark web as the main topic of this year’s drill agenda saying “the importance of the 5th drill comes as a response to the increased level and complexity of cyberattacks worldwide, specifically the malware and the related usage of cryptocurrency, in addition to the criminal activities over the dark web including the crimes of selling computer viruses, spyware, and hacking software.” She also discussed the impact of this type of software saying, “Malware is considered as one of the highest risks in technology worldwide because of its high probability of occurrence and high impact as well, according to this year annual report by the World Economic Forum.”

“The report also refers to the negative impact of malware on economical levels. According to Kaspersky latest research, it indicates a 7% increase in the number of financially affected users due to malware in the first half of 2019 compared to the same period last year, and a 31% of malware infection rate, as double the infection percentage in 2018,” she further added.

Security incidents

Aziza Al Rashdi introduced some of the statistics about Oman National CERT, which shows that the center handled 1,839 security incident in 2017 compared to 1,744 in 2016 and 2,334 successfully handled security incidents in 2018.

The statistics also show 432,978 cyberattack attempts discovered during last year within the Omani cyberspace, 71,472 cyberattacks against websites in Oman, and 203 malware captured by the antimalware systems.

Preventive measures

Preventive measures play an important role in handling cybersecurity threats, Al Rashdi said, “Increasing readiness does not only include responding to occurred incidents but also include the measures that can prevent the incident in the first place and reduce the impact in case it happened.”

“We encourage all entities to follow and implement security policies, frameworks, and other security announcements about threats and vulnerability issued by Oman National CERT,” she went on.

She further explained, “The center has issued more than 340 security threat announcements last year, which helped to handle several operating system vulnerabilities. The announcements were issued several months before the attacks to avoid what could have been exploited by attackers.”

The first day included several cybersecurity papers presented by experts that focused on the role of response teams in addressing cybersecurity incidents, and the importance of national skills development, within the rapid technological advancement accompanied by the increased levels of threats and attackers capabilities.

The first paper addressed the future of threats in the new digital era, presented by Rami Al Dimati, Kaspersky while Haitham Al Hajri (Cybersecurity Executive, ITA) presented the second paper that talked about Crypto-jacking.

Crypto-jacking is a type of cryptocurrency mining malware that attacks computer systems and networks as well; usually, it is not easily detected because it is designed to be hidden.

The third paper addressed internet security and privacy, by Adel Abd Al-Monem, and Saif Al Hinai (Data Security Analyst) talked about dark web crimes.

The last paper by Almerindo Graziano (Silensec) talked about addressing security skills gaps and flexibility in the domain names.

It is worth to mention that A practical exercise for government entities is scheduled to be conducted today, on Tuesday. It will include a practical application for the most important security threats that target government entities and the proper way for addressing these threats.

The latest updates and recent threats will be presented on Wednesday, specifically threats targeting critical infrastructure sectors and government entities such as banks, utilities, transport, logistics, and oil and gas.

-Ends-

ITA is a Public Authority created by Royal Degree 52/2006. ITA endeavours to consolidate and implement the Digital Oman strategy to transform the Sultanate of Oman into a knowledge-based economy for the achievement of social and economic benefits to Omani society. ITA’s vision is ‘Transforming Oman, Empowering You’. For more information, visit www.ita.gov.om or email to eoman@ita.gov.om.

For more information or media clarification, please contact:
Sheikha Aljassasi
Media Specialist
Information & Awareness Division
Telephone:      +968 2416 6769
Fax:                  +968 2416 6604
Email:              Sheikha.aljassasi@ita.gov.om 

© Press Release 2019

Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.

The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.

To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.