The United Arab Emirates (UAE) has successfully deterred and defended against malicious cyberattacks targeted at national digital assets and strategic sectors. The country has a highly developed digital infrastructure and national task forces that work to strengthen the UAE’s digital space in accordance with international best practices and standards. According to Mohammed Hamad Al Kuwaiti, the head of cyber security in the UAE, the country successfully deters over 50,000 cyberattacks per day that target strategic national sectors, with the banking, financial, health, oil, and gas sectors being the most targeted.
The UAE is ranked fifth globally in the Global Cybersecurity Index of the International Telecommunication Union of the United Nations. In its latest report, global cybersecurity firm Trend Micro said it detected and blocked over 42 million e-mail threats, and prevented more than 17 million malicious URL attacks, 492,110 URL hosts and 25 million malware attacks. However, despite these successes, the Council and cybersecurity experts have called on the public and private sectors to exercise utmost caution against any attacks and activate the cyber emergency response system to proactively prevent possible malicious attacks.
The rapidly advancing technology landscape brings an increased risk of cyber threats, and businesses must take steps to strengthen their digital infrastructure, said Rasheed Al Odah, managing director for KSA, South UAE, Bahrain and Levant, and MEA at Trend Micro. While no business or government entity can truly protect against 100% of cyberattacks, security best practices can protect most organizations from a wide variety of attacks. Companies should consider using cybersecurity frameworks like CIS Control Self-Assessment Tools to build a model for their entity and audit the effectiveness of their security controls and processes.
Every organization and individual should always consider the recommendation to “trust but verify” for every correspondence that may request some form of transaction, be it financial, information inquiry, or even password reset, according to Morey Haber, chief security officer at BeyondTrust. Vibin Shaju, vice-president of Solutions Engineering EMEA at Trellix, advised firms to keep the security operation center on alert to look for abnormal spikes in traffic from new IP addresses and regions. He also said to make sure all key admin authentications are covered with multi-factor authentication and to not ignore the chances of targeted attacks when corporate resources are focused on volume-based attacks. Defacement of websites is common during cyberattacks, and it is essential to lock down any changes, including access to control panels and DNS management during periods of high alert. If a web application firewall is implemented, Shaju added, make sure it is configured to block specific traffic patterns and malicious requests.
About Author
