GCC countries have become prime targets for cyber crime, with the Gulf viewed as a "cash cow" for computer hackers, according to a survey of IT experts across the region.
The region’s potential to fall victim to cyber crime was highlighted last month when a global cyber crime ring successfully stole $45m from two Gulf-based banks by hacking into credit card processing firms and withdrawing money from ATMs.
“The last few months have demonstrated a shift in the security threat landscape in our region,” the director of Intelligent Network Solutions at leading Gulf IT company Gulf Business Machines (GBM), Hani Nofal, told Arabian Business.
“Several large regional enterprises have made the headlines as a result of targeted and sophisticated cyber attacks. The number [of IT experts who believe the UAE is a primate target for cyber crime] confirms that cyber-warfare in the Middle East is no game.”
Nofal said the cybercrime ecosystem was becoming more sophisticated and focused.
“In the connected world that we live in today, the increased cost of incidents will impact brand reputation and can even extend to possible national security threats,” he said.
“Our region represents a ‘cash cow’ for hackers with attacks including click/redirect fraud (which involves tricking an internet user into clicking onto a link that led them to another website), data theft, distributed denial of service attacks (DDoS) and web exploits.
“However, we expect to soon see new forms of threats that will target cloud infrastructure, mobile devices and voice over IP.”
About 65 percent of more than 800 IT experts in the GCC who participated in a GBM survey said they believed the region was a prime target for cyber crime.
The survey also revealed that 35 percent of cyber crime incidents were staff related and security risks were potentially increasing as social media became more available at workplaces.
The number of organisations that allowed access to social media websites had increased from less than two-thirds to about 85 percent in the past year, according to GBM.
“It is important to recognise how prevalent social media is in today's workforce. With employees pushing the boundaries, social media has turned out to be a major collaboration tool for enterprises, however it has also become a prime source to attacks against individuals and companies,” Nofal said.
“Hackers have adopted social networking techniques such as using profile information to create security compromises, impersonate friends to launch attacks and leverage news feeds to spread spam and scams.
“In addition, the risk of an internal security breach is one of the main challenges with social media. This risk is increased when employees abuse their access or lack the awareness of basic security requirements and standards.”
Nofal said the survey showed there was a false sense of security among organisations, with 60 percent believing that the number of successful attacks would decrease in the next 12 months.
About 25 percent of survey respondents said their organisations had not been conducting regular proactive screenings to ensure their IT infrastructure and critical data were protected.
“Companies are more aware of IT security issues than ever before. [But] although organisations are showing more interest in pre-emptive measures against possible cyber threats, they are not always taking the appropriate measures,” Nofal said.
“Nearly half of the organisations polled spend up to 10 percent of their IT budget on security. However, we expect this number to increase in the future.”