Issue 05
العربية

Esharat is a digital magazine, issued biannually and freely by Dubai Electronic Security Center (DESC) to provide information and raise community awareness about cyber security and technology, in line with DESC’s mandate to implement government strategy and support Dubai’s journey to becoming the safest cyberspace in the world.

Covid-19 forces full digital transformation

Technology and cyberspace played massive roles throughout the global crisis – most impacts were highly positive in contributing to the management of the pandemic, while others were deeply malicious. It is widely accepted that the spread of COVID-19 completely changed the cybersecurity landscape, as companies had to quickly and securely enable remote work teams, and families in isolation from each other wanted to stay in touch.

Research conducted between March and May 2020 confirmed that the impact of the virus was trending highest in cybersecurity online searches. The other top trends were cloud, machine learning and AI, social engineering, and phishing.

The cybersecurity industry has also been forecast to grow quickly and rapidly in response to the rising adoption of remote working, teleworking, e-commerce and disruptive technologies like AI and Blockchain – all of which provide more challenges for cyberthreats. The COVID-19 crisis transformed the cybersecurity priorities of companies, from SMEs to multinational giants, who are now forced to take responsible security measures as well as to comply with international regulations.

Google reported in April that it was blocking around 18 million COVID-19 related scam emails per day, with its advance machine learning technology tracking over 240 million spam messages launched daily at Gmail users in unethical attempts to cash in on the crisis.

Cybersecurity is no longer an issue to be left up to IT experts; it is becoming increasingly important for everyone who is digitally connected – from company employees to families – to educate themselves on the risks and protect their systems against cybercrime.

Covid-19 linked to most global 2020 cybersecurity attacks

Cybercrime rose over 600% (*PurpleSec)

Innovative methods to track down cyber criminal coders

The phishing emails and similar cyber attacks launched by cyber criminals aren’t as simple as they may seem… they have all been cunningly crafted by a team of diverse technical experts who know how to write advanced digital malware and find new vulnerabilities in us as humans and our digital systems.

Now threat intelligence specialists have developed a research methodology that can be used to identify and track down those accomplices to cybercrime. The innovative tracking technique zones shed light on the clues left behind in the code by ‘exploit writers’ or ‘malware authors’, amongst other terms. The clues are unique characteristics that can be analysed like digital fingerprints to identify their criminal authors.

Using this method, cybersecurity detectives have recently reported success in linking several complex exploits and tracking their origins to put a stop to the attackers.

The idea is to fingerprint an attack sample for clues, such as hard-coded values, binary properties, the way certain functions are implemented or the code is arranged. These characteristics can be used to connect the exploit directly to the criminal developer. Identifying the unique clues in one threat can lead them to a string of others developed by the same individuals or teams on the dark web.

Who under cyber attack

The World Health organisation (WHO), a global leader tackling this year’s coronavirus pandemic, reported a dramatic five-fold increase in cyberattacks as hackers tried to exploit the crisis.

In April, the oraganisation confirmed that around 450 active WHO email addresses and passwords, along with thousands more belonging to others working on the coronavirus response, were leaked online. Fortunately, the leaked details did not impact the organisation’s systems but did affect an older extranet system used by employees, retired staff and partners. WHO called on cybersecurity experts to strengthen its security measures, including authentication controls, and to educate its staff. WHO also noted an increase in phishing emails, with fraudsters using fear and uncertainty in the vulnerable public to impersonate the organisation and scam them into donating money.