Five things to know about the UAE's cyber security in Q3
UAE-based DarkMatter's cyber network defense team last week identified these vulnerabilities among regional organisations
Outdated Software: In 93 percent of assessments, IT systems were found to have outdated software. Across a range of operating systems and network services, systems were missing critical security patches. These included high-level risk vulnerabilities from using outdated software and services. Unsupported Software: In 83 percent of their assessments, systems had unsupported software. When software is unsupported, the vendor does not release new security patches, and is very unlikely to investigate or announce reports of vulnerabilities. This makes it likely that such software will contain vulnerabilities. Credential problems: The use of default or weak credentials were also identified as a problem in 77 percent of the assessments. If weak, credentials – such as passwords and userrnames – could be guessed or acquried through simple attacks. This could give attackers admin access. Software Vulnerabilities: About 45 percent of the 20 most common software vulnerabilities affecting organisations in the UAE were categorised as ‘high severity’. The majority of these are information disclosure vulnerabilities, which would allow an attacker
to obtain and use sensitive information. Insecure Protocols: Insecure protocols including FTP, HTTP and SMTP are being used by organisations in 57 percent of DarkMatter’s assessments. These protocols are un-encrypted and send data as clear text packets. In such cases, security keys must be changed immediately.