Remote and hybrid work models may expose new vulnerabilities and more surfaces to cyber attacks in 2023, industry experts have warned.
Driven by quick returns and encrypted nature of the business, cyber criminals will continue to exploit users’ weak and poorly managed home networks and devices to breach corporate networks, they said.
The majority of the attacks will be persuasive, more personal in nature targeting specific employees of the company and hitting commonly used business communication services and apps, such as Slack, Teams, ClickUp and ProofHub.
As 5G’s regional adoption accelerates, faster data transfer on mobile devices will make them as attractive to threat actors as to consumers
Paul Baird,
chief technical security officer at Qualys
“We see attackers steering away from targeting official work emails to ensnare their victims … they are finding more success by sending targeted social engineering campaigns to personal accounts of employees through text messages and third-party messaging apps such as WhatsApp,” Sundaram Lakshmanan, chief technology officer at California-based security company Lookout, told The National.
An increasing awareness of cyber threats has led to a rising investment in cyber security infrastructure worldwide.
“In 2023, we expect to see weaponised phishing attacks spreading their wings across commonly used business communication services and apps … [they] have traditionally been managed by anti-phishing toolbars and email security protections, but in near future phishing may scale beyond email and messages, spreading across communication channels in a much stealthier way,” said Jaspreet Singh, senior research scientist at security company Trellix, also based in California.
“While 'Zoombombing' and similar methods have been observed, we expect the use of business collaboration apps to grow as threat vectors.”
Zoombombing is the hijacking of video-conference calls by hackers.
Phishing, typically, comes in the form of fraudulent emails that aim to obtain personal information of victims, such as credit card details and sensitive data like usernames and passwords.
In January, US cyber security companies McAfee Enterprise and FireEye officially merged to form Trellix, to thwart cyber attacks and fight sophisticated criminals.
Driven by an increasing awareness of data risks and threats, the global cyber security market is poised for robust growth over the next few years.
The global cyber security market revenue is forecast to jump to $262.3 billion by 2027, a jump of more than 67 per cent from $156.35 billion this year, according to Statista.
The US, world’s biggest economy, will generate more than $63.24 billion in cyber security revenue this year — more than 40 per cent of total sales.
“Attackers will lean more on their powers of persuasion than on their malware kits as they step up social engineering attacks in the cloud … a single fake social media profile, leveraged in the right way, can allow a threat actor to impersonate a trusted vendor,” said Morey Haber, chief security officer at Atlanta-based security firm BeyondTrust.
“The threat actor will persuade victim after victim to divulge secrets or act in other ways contrary to their interest or that of their employer. The Lapsus$ [ransomware] group used social media to become an employee and then spoof access by calling a support helpdesk.”
In March, the UK police arrested seven people, including a teenage boy, following a series of online attacks by the Lapsus$ hacking group that hit major technology companies, including Okta and Microsoft.
Lapsus$ has publicly taunted its victims, leaking their source codes and internal documents. It has reportedly gone as far as to join the Zoom calls of companies they’ve breached, during which they have taunted employees and consultants trying to manage the hack.
The group has claimed to breach companies such as Samsung, Vodafone and Ubisoft.
Global cyber crime costs are also expected to surge by nearly 300 per cent to $23.84 trillion by 2027, from almost $6 trillion last year, according to data compiled by Statista and global bodies such as the Federal Bureau of Investigation and the International Monetary Fund.
Cyber crime costs include stealing and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, fraud, post-attack interruption to the normal course of business, investigation cost, retrieval and deletion of compromised data and systems. This is in addition to the reputational harm caused to the enterprises.
The global adoption of fifth-generation wireless network connectivity — or 5G — will also attract bad actors, industry experts cautioned.
In 2023, we expect to see weaponised phishing attacks spreading their wings across commonly used business communication services and apps
Jaspreet Sign,
senior research scientist at Trellix
“As 5G’s regional adoption accelerates, faster data transfer on mobile devices will make them as attractive to threat actors as to consumers. And private 5G deployments for IoT [Internet of Things] and other use cases will introduce weak endpoints into otherwise secure ecosystems,” said Paul Baird, chief technical security officer at California-based cloud security firm Qualys.
In 2023, attackers will continue to target supply chains that have been disrupted by the Covid-19 pandemic.
However, instead of targeting key suppliers, they will look beyond the usual suspects to gain access into core networks. For example, this could include legal or accounting firms, Christian Borst, chief technology officer for Europe, Middle East and Africa at San Jose-based artificial intelligence threat detection and response company Vectra AI, said.
“A holistic approach may help turn the tables on the matter … supply chain means partnership … partnership means collaboration and supporting each other.
“Only as a mesh interconnected structure with consistent resiliency can companies thrive in the digital economy. This includes ensuring that they review the security policies of all those in the chain,” Mr Borst said.
A mesh network is a group of connectivity devices, such as different Wi-Fi routers. It includes multiple sources of connectivity instead of just a single router.
How to get there
Emirates (www.emirates.com) flies directly to Hanoi, Vietnam, with fares starting from around Dh2,725 return, while Etihad (www.etihad.com) fares cost about Dh2,213 return with a stop. Chuong is 25 kilometres south of Hanoi.
'Fantastic Beasts: The Secrets of Dumbledore'
Rating: 3/5
Directed by: David Yates
Starring: Mads Mikkelson, Eddie Redmayne, Ezra Miller, Jude Law
The%20specs
%3Cp%3E%3Cstrong%3EEngine%3A%3C%2Fstrong%3E%204.0-litre%20twin-turbo%20V8%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E680hp%20at%206%2C000rpm%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E800Nm%20at%202%2C750-6%2C000rpm%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3ERear-mounted%20eight-speed%20auto%3Cbr%3E%3Cstrong%3EFuel%20consumption%3A%20%3C%2Fstrong%3E13.6L%2F100km%3Cbr%3E%3Cstrong%3EOn%20sale%3A%3C%2Fstrong%3E%20Orderbook%20open%3B%20deliveries%20start%20end%20of%20year%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh970%2C000%3C%2Fp%3E%0A
SPEC%20SHEET%3A%20APPLE%20IPHONE%2014%20PRO%20MAX
%3Cp%3E%3Cstrong%3EDisplay%3A%3C%2Fstrong%3E%206.7%22%20Super%20Retina%20XDR%20OLED%2C%202796%20x%201290%2C%20460ppi%2C%20120Hz%2C%202000%20nits%20max%2C%20HDR%2C%20True%20Tone%2C%20P3%2C%20always-on%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EProcessor%3A%3C%2Fstrong%3E%20A16%20Bionic%2C%206-core%20CPU%2C%205-core%20GPU%2C%2016-core%20Neural%20Engine%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EMemory%3A%3C%2Fstrong%3E%206GB%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ECapacity%3A%3C%2Fstrong%3E%20128%2F256%2F512GB%20%2F%201TB%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EPlatform%3A%3C%2Fstrong%3E%20iOS%2016%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EMain%20camera%3A%3C%2Fstrong%3E%20Triple%2048MP%20main%20(f%2F1.78)%20%2B%2012MP%20ultra-wide%20(f%2F2.2)%20%2B%2012MP%20telephoto%20(f%2F2.8)%2C%206x%20optical%2C%2015x%20digital%2C%20Photonic%20Engine%2C%20Deep%20Fusion%2C%20Smart%20HDR%204%2C%20Portrait%20Lighting%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EMain%20camera%20video%3A%3C%2Fstrong%3E%204K%20%40%2024%2F25%2F30%2F60fps%2C%20full-HD%20%40%2025%2F30%2F60fps%2C%20HD%20%40%2030fps%2C%20slo-mo%20%40%20120%2F240fps%2C%20ProRes%20(4K)%20%40%2030fps%3B%20night%2C%20time%20lapse%2C%20cinematic%2C%20action%20modes%3B%20Dolby%20Vision%2C%204K%20HDR%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EFront%20camera%3A%3C%2Fstrong%3E%2012MP%20TrueDepth%20(f%2F1.9)%2C%20Photonic%20Engine%2C%20Deep%20Fusion%2C%20Smart%20HDR%204%2C%20Portrait%20Lighting%3B%20Animoji%2C%20Memoji%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EFront%20camera%20video%3A%3C%2Fstrong%3E%C2%A04K%20%40%2024%2F25%2F30%2F60fps%2C%20full-HD%20%40%2025%2F30%2F60fps%2C%20slo-mo%20%40%20120%2F240fps%2C%20ProRes%20(4K)%20%40%2030fps%3B%20night%2C%20time%20lapse%2C%20cinematic%2C%20action%20modes%3B%20Dolby%20Vision%2C%204K%20HDR%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EBattery%3A%3C%2Fstrong%3E%204323mAh%2C%20up%20to%2029h%20video%2C%2025h%20streaming%20video%2C%2095h%20audio%3B%20fast%20charge%20to%2050%25%20in%2030min%3B%20MagSafe%2C%20Qi%20wireless%20charging%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EConnectivity%3A%3C%2Fstrong%3E%20Wi-Fi%2C%20Bluetooth%205.3%2C%20NFC%20(Apple%20Pay)%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EBiometrics%3A%3C%2Fstrong%3E%20Face%20ID%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EI%2FO%3A%3C%2Fstrong%3E%20Lightning%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EDurability%3A%3C%2Fstrong%3E%20IP68%2C%20dust%2Fsplash%2Fwater%20resistant%20up%20to%206m%20up%20to%2030min%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ECards%3A%3C%2Fstrong%3E%20Dual%20eSIM%20%2F%20eSIM%20%2B%20eSIM%20(US%20models%20use%20eSIMs%20only)%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EColours%3A%3C%2Fstrong%3E%20Deep%20purple%2C%20gold%2C%20silver%2C%20space%20black%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EIn%20the%20box%3A%3C%2Fstrong%3E%20iPhone%2014%20Pro%20Max%2C%20USB-C-to-Lightning%20cable%2C%20one%20Apple%20sticker%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EPrice%3A%3C%2Fstrong%3E%20Dh4%2C699%20%2F%20Dh5%2C099%20%2F%20Dh5%2C949%20%2F%20Dh6%2C799%3C%2Fp%3E%0A
Indian construction workers stranded in Ajman with unpaid dues
Profile of VoucherSkout
Date of launch: November 2016
Founder: David Tobias
Based: Jumeirah Lake Towers
Sector: Technology
Size: 18 employees
Stage: Embarking on a Series A round to raise $5 million in the first quarter of 2019 with a 20 per cent stake
Investors: Seed round was self-funded with “millions of dollars”
RESULTS
5pm: Wathba Stallions Cup Maiden (PA) Dh 70,000 (Dirt) 1,600m
Winner: Samau Xmnsor, Abdul Aziz Al Balushi (jockey), Ibrahim Al Hadhrami (trainer)
5.30pm: Maiden (PA) Dh 70,000 (D) 1,600m
Winner: Ottoman, Szczepan Mazur, Abdallah Al Hammadi
6pm: Maiden (PA) Dh 70,000 (D) 1,800m
Winner: Sharkh, Patrick Cosgrave, Helal Al Alawi
6.30pm: Handicap (PA) Dh 85,000 (D) 1,800m
Winner: Yaraa, Fernando Jara, Majed Al Jahouri
7pm: Handicap (PA) Dh 70,000 (D) 2,000m
Winner: Maaly Al Reef, Bernardo Pinheiro, Abdallah Al Hammadi
7.30pm: Maiden (PA) Dh 70,000 (D) 1,000m
Winner: Jinjal, Fabrice Veron, Ahmed Al Shemaili
8pm: Handicap (PA) Dh 70,000 (D) 1,000m
Winner: Al Sail, Tadhg O’Shea, Ernst Oertel
if you go
The flights
Etihad and Emirates fly direct from the UAE to Seoul from Dh3,775 return, including taxes
The package
Ski Safari offers a seven-night ski package to Korea, including five nights at the Dragon Valley Hotel in Yongpyong and two nights at Seoul CenterMark hotel, from £720 (Dh3,488) per person, including transfers, based on two travelling in January
The info
Visit www.gokorea.co.uk
If you go
The flights
Emirates flies from Dubai to Seattle from Dh5,555 return, including taxes. Portland is a 260 km drive from Seattle and Emirates offers codeshare flights to Portland with its partner Alaska Airlines.
The car
Hertz (www.hertz.ae) offers compact car rental from about $300 per week, including taxes. Emirates Skywards members can earn points on their car hire through Hertz.
Parks and accommodation
For information on Crater Lake National Park, visit www.nps.gov/crla/index.htm . Because of the altitude, large parts of the park are closed in winter due to snow. While the park’s summer season is May 22-October 31, typically, the full loop of the Rim Drive is only possible from late July until the end of October. Entry costs $25 per car for a day. For accommodation, see www.travelcraterlake.com. For information on Umpqua Hot Springs, see www.fs.usda.gov and https://soakoregon.com/umpqua-hot-springs/. For Bend, see https://www.visitbend.com/.
Babumoshai Bandookbaaz
Director: Kushan Nandy
Starring: Nawazuddin Siddiqui, Bidita Bag, Jatin Goswami
Three stars
if you go
The flights
Fly direct to Kutaisi with Flydubai from Dh925 return, including taxes. The flight takes 3.5 hours. From there, Svaneti is a four-hour drive. The driving time from Tbilisi is eight hours.
The trip
The cost of the Svaneti trip is US$2,000 (Dh7,345) for 10 days, including food, guiding, accommodation and transfers from and to Tbilisi or Kutaisi. This summer the TCT is also offering a 5-day hike in Armenia for $1,200 (Dh4,407) per person. For further information, visit www.transcaucasiantrail.org/en/hike/
Company profile
Name: Infinite8
Based: Dubai
Launch year: 2017
Number of employees: 90
Sector: Online gaming industry
Funding: $1.2m from a UAE angel investor
The specs
Engine: 2.0-litre 4-cyl, 48V hybrid
Transmission: eight-speed automatic
Power: 325bhp
Torque: 450Nm
Price: Dh289,000
Poland Statement
All people fleeing from Ukraine before the armed conflict are allowed to enter Poland. Our country shelters every person whose life is in danger - regardless of their nationality.
The dominant group of refugees in Poland are citizens of Ukraine, but among the people checked by the Border Guard are also citizens of the USA, Nigeria, India, Georgia and other countries.
All persons admitted to Poland are verified by the Border Guard. In relation to those who are in doubt, e.g. do not have documents, Border Guard officers apply appropriate checking procedures.
No person who has received refuge in Poland will be sent back to a country torn by war.
How to apply for a drone permit
- Individuals must register on UAE Drone app or website using their UAE Pass
- Add all their personal details, including name, nationality, passport number, Emiratis ID, email and phone number
- Upload the training certificate from a centre accredited by the GCAA
- Submit their request
What are the regulations?
- Fly it within visual line of sight
- Never over populated areas
- Ensure maximum flying height of 400 feet (122 metres) above ground level is not crossed
- Users must avoid flying over restricted areas listed on the UAE Drone app
- Only fly the drone during the day, and never at night
- Should have a live feed of the drone flight
- Drones must weigh 5 kg or less
The National's picks
4.35pm: Tilal Al Khalediah
5.10pm: Continous
5.45pm: Raging Torrent
6.20pm: West Acre
7pm: Flood Zone
7.40pm: Straight No Chaser
8.15pm: Romantic Warrior
8.50pm: Calandogan
9.30pm: Forever Young
Key findings of Jenkins report
- Founder of the Muslim Brotherhood, Hassan al Banna, "accepted the political utility of violence"
- Views of key Muslim Brotherhood ideologue, Sayyid Qutb, have “consistently been understood” as permitting “the use of extreme violence in the pursuit of the perfect Islamic society” and “never been institutionally disowned” by the movement.
- Muslim Brotherhood at all levels has repeatedly defended Hamas attacks against Israel, including the use of suicide bombers and the killing of civilians.
- Laying out the report in the House of Commons, David Cameron told MPs: "The main findings of the review support the conclusion that membership of, association with, or influence by the Muslim Brotherhood should be considered as a possible indicator of extremism."
