Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web. With the UAE and Saudi Arabia increasingly invested in digitization, AI development, and shifting to a knowledge-based economy, organizations in the two nations — and the Middle East at large — need to focus on strengthening their cybersecurity posture, Positive Technologies says. "The abundance of posts related to the sale of access, often low-cost, makes it easier for attackers to gain initial access to a company and carry out an attack without wasting time looking for new entry points into the infrastructure. Cyberattackers and hacktivists are increasingly targeting the United Arab Emirates, the Kingdom of Saudi Arabia, and other nations in the Gulf Cooperative Council (GCC) region. The report stated that the first half of the year, the number of distributed denial-of-service (DDoS) attacks in the region rose 70%, compared with the same period in the previous year. "Dark Web forums are full of offers and services tailored to this region," the company's report stated. Both Saudi Arabia and the UAE topped the chart of targeted nations in a March analysis of two years of attacks in the region. Hacktivists use forums as both a way to call like-minded hackers to action and to publish evidence of their success against specific targets, says Anastasiya Chursina, a threat analyst with Positive Technologies. "Access giveaways represent a new trend for the region that first appeared in H2 2023," the report stated. The stakes are rapidly escalating as well, from Iran's increasing pace of cyber espionage to Israel's cyber-physical attacks using compromised supply chains to the compromise of naval information systems in the region. "We believe that this trend may continue and the number of attacks carried out by hacktivists will go up," she says. The attackers' tactics of choice depend upon their skills and knowledge, and DDoS attacks can be accomplished by novice hackers, says Positive Technologies' Chursina. Copyright © 2024 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG. More attacks are also being publicly disclosed: In July, pro-Palestinian hacktivist group BlackMeta targeted a bank in the United Arab Emirates with a DoS campaign that lasted more than 100 hours over six days. "The main goal of hacktivists is to draw public attention to certain political, social, and religious issues," she says. For its GCC report, the company focused on six major nations in the region: the UAE, Saudi Arabia, Bahrain, Oman, Qatar, and Kuwait. Positive Technologies' trove of forum posts and text messages totals 277 million items from 380 Telegram channels and Dark Web forums. That's according to 18 months of Dark Web data compiled by Moscow-based threat research firm Positive Technologies. The region is likely a favored target because it's a hub for commerce and trade, full of rich economies; and because of regional nations' stance on certain geopolitical issues. About 12% of the posts included a call to action for hacktivism or evidence of a successful hacktivist attack, according to the report. Stolen data and illicit access accounted for the topic of more than half (54%) of the posts, with the vast majority of of users selling or buying access. And in April, Saudi Arabia was added to the list of organizations targeted by the suspected China-linked group Solar Spider.
This Cyber News was published on www.darkreading.com. Publication date: Tue, 01 Oct 2024 05:00:18 +0000