Ever-changing cyber-threats demand a new approach to security to stay ahead of cyber criminals in 2019, experts warn.
The level of protection against cyber attackers was assessed 'extremely low' for 43 per cent of businesses in the Middle East, which could spur a rise in attacks, according to a report by Kaspersky Lab, a Moscow-headquartered cybersecurity firm. The survey, which evaluated data collected from Middle East enterprises through the end of 2017 revealed that three-quarters (73 per cent) of successful breaches were achieved by penetrating vulnerable web-based applications.
"Next year will bring bigger cyber threats … with more and more devices being connected to the internet, we become more likely to face cyber attacks online,” said Fabio Assolini, senior security researcher at Kaspersky Lab. “We urge consumers to pay more attention to cybersecurity because sometimes they can be the weakest link, resulting in irreparable loss.”
Cybercrime generated around $1 trillion (Dh3.67tn) in stolen money globally in 2018, according to UAE-based Z Services, a cloud-based cyber security solutions provider to enterprises in the Middle East and North Africa (Mena).
"The industry is growing at 20 per cent annually," Nidal Taha, president of the Z Services, told The National, adding, "Mena's share in the money generated through cybercrimes is around 20 per cent. It is the number one crime in the value of dirty money."
Globally, the average individual cybercrime victim lost $142 on average. Consumers in the UAE who were the victims of cybercrime lost a total of $1.1 billion in 2017, according to Statista. While 24 per cent of global cyberattack incidents occurred in Europe, Middle East and Africa (Emea), North America bears the brunt as the most-targeted region, with 43 per cent of attacks happening there last year.
"Cybersecurity will be an ongoing concern in the Middle East and we need to make sure security measures keep up with the pace of development in other fields. Consumers and enterprises are using more systems, sharing more data, interacting with more devices ... making them more vulnerable," Nigel Hawthorn, director of cloud security at McAfee for Emea, told The National.
Cyber-crime costs reached about $600 billion globally in 2017, or 0.8 per cent of the world’s gross domestic product, according to a report by McAfee and Center for Strategic and International Studies based in Washington.
Mr Hawthorn predicts that the trend of moving more personal and enterprise data to the cloud will pick up further in 2019. “It won’t be very long before we see very little data on premises. Everything will be on cloud.”
David Weston, creator of Microsoft’s Windows Red Team, who is also known as hacker-in-chief at the company, also emphasises that moving data to the cloud to thwart cyber attacks.
"The cloud has advanced threat detection mechanisms and analytics to spot any (breach) attempt. Even if you are hit by some ransomware, the chances of restoring the stolen data are higher because everything is backed up," Mr Weston told The National.
The Middle East cybersecurity market is expected to expand at a compound annual growth rate of 14.2 per cent – reaching around $22.14bn by 2022, according to data published on Research and Markets.
This year also saw a rising trend of email attacks in the Middle East with industry experts expecting it to escalate in the coming years.
“Cyber criminals are constantly adapting their email-based attacks, looking for new ways to bypass security solutions. This quarter we saw a particularly large jump in emails containing dangerous file types,” said Matthew Gardiner, cybersecurity strategist at Mimecast, a London-based firm that specialises in cloud-based email management.
California-based software company Symantec said in its cyber security predictions for 2019 that cybercriminals will try to exploit Artificial Intelligence (AI) and Internet of Things (IoT) to launch more sophisticated attacks in 2019, gaining access to individual's personal data through Internet-connected devices.
“The fragility of some AI technologies will become a growing concern in 2019. Attackers won’t just target AI systems; they will enlist AI techniques themselves to supercharge their own criminal activities,” said Hugh Thompson, chief technology officer at Symantec.
“We can expect to see poorly secured IoT devices targeted for harmful purposes."