Caught in Cybernet

bahrain March 08, 2019

You might have come across such a headline at least once, which exploits the ‘curiosity gap’. Unable to resist, you might have also clicked through the content only to get hooked to a linked piece of online content or malicious software. Consider yourself lucky, if you’ve not yet encountered one. Because, cybercriminals have turned click-baiting, as it is called today, into an art. If the conditions are right, you don’t even need to click.

Meaning, even before realising, you’re in a trap. It’s sad but true. When it comes to clicking most of us are easily persuaded. Unfortunately, making use of it most are the cybercriminals. Malicious URLs used as click bait and delivered through both Email and Web are increasing in the Middle East. In Bahrain, there registered a 140 per cent increase in phishing and banking Trojan incidents, says a report by cybersecurity giant Kaspersky Lab.

To understand the magnitude, the report by the cybersecurity giant should be read along with the warning issued last month by The Internet Corporation for Assigned Names and Numbers (ICANN) that says website registrars and internet service providers, particularly in the Middle East are being targeted at an alarming rate. “There is evidence that it is coming out of Iran and being done in support of Iran,” ICANN said. In its new report, the Kaspersky lab says it detected a 7.5pc increase in malware attacks, 55pc jump in ransomware attacks and 131pc increase in banking Trojan attack in Bahrain.

The in-depth analysis of various cyber threats all over the world in 2018 specifically points to the activities of ‘MuddyWater APT group’, which is a relatively new threat actor that surfaced in 2017. The group, which has been known to target government bodies, military entities, telcos and educational institutions in the Middle East, Europe and the US, is continually targeting Bahrain, the report says.

These new documents have appeared throughout 2018 and the activity escalated from May onwards. “More importantly, countries in the Middle East need to focus on the protection of industrial systems and critical infrastructure,” CEO Eugene Kaspersky told in a talk to Arabian business adding: “All countries use the same protection software, all of them follow the same approach and the same logic with regards to cybersecurity.”

The only difference is that the region hosts a number of largescale corporations that are new to cyber attacks, therefore struggle in preventing and destroying them, the report quoted him as saying. In order to protect, he suggests educating general staff to identify malicious behaviour such as phishing links and establish enterprise-grade patch management process among other measures.

One malicious URL in every 61 mails

The widening landscape of the malware attacks was also flagged by Mimecast in its Email Security Risk Assessment (ESRA) report which says there is a 125pc increase in an email delivered malicious URLs in comparison to the last quarter. The report by Mimecast says it detected one malicious URL in every 61 emails screened.

Mimecast detected a total of 463,546 malicious URLs from the 28,407,664 emails, which were deemed safe by an organisation’s email security system. According to Matthew Gardiner, cybersecurity strategist at Mimecast: “Cybercriminals are constantly looking for new ways to evade detection, often turning to easier methods like social engineering to gain intel on a person or pulling images from the internet to help ‘legitimize’ their impersonation attempts to gain credentials or information from unsuspecting users.”

Iran or in support of Iran

Meanwhile, ICANN last month warned that website registrars and internet service providers, particularly in the Middle East are being targeted. So-called “DNSpionage” attacks might date back to at least 2017, according to FireEye senior manager of cyber espionage analysis Ben Read. “We’ve seen primarily targeting of email names and passwords, ” Read said.

“There is evidence that it is coming out of Iran and being done in support of Iran.” DNSpionage hackers appeared intent on stealing account credentials, such as email passwords, in Lebanon and the United Arab Emirates, according to Adam Meyers, vice president of intelligence at CrowdStrike cyber security firm.

Similar attacks took place in Europe and other parts of the Middle East, with targets including governments, intelligence services, police, airlines, and the oil industry, cybersecurity specialists said.

Caught in Cybernet

Military Marathon, shooting winners honoured

BTEA on a roll, attracts 140,000 tourists

Bahrain joins global Family Day celebration with various activities

Stage set for ninth ‘Whisper of Hope’ Festival today

Embassy facilitates repatriation of three Filipino workers

Bounced checks backfire

Court hands down heavy punishment in two major money laundering cases

Number of field visits to mosques and cemeteries surges

Asian man jailed for role in violent home invasion

Over 91,000 wastewater tests conducted last year

Winds of change

Bahrain Declaration fosters joint Arab cooperation and stability

United We Stand

Immediately end Israeli aggression in Gaza, leaders demand one after another at Arab Summit

Al Salam Bank completes acquisition of Kuwait Finance House Bahrain

Contractor ordered to pay for 13-year-old construction supplies

African woman punished for trafficking and forced labour

Hyderabad secure IPL play-off spot after washout

Women empowerment must start at home

Strategic Publicity & advertising company W.L.L,

Subscription and Circulation

News Room

Marketing

Caught in Cybernet

Most Read