Warning for UAE companies after huge cyber attack

Millions of web users in the US and Europe on Friday were left unable to view popular websites including Twitter and PayPal.

Three waves of cyberattacks brought down major internet sites Twitter on Friday. Emmanuel Dunand / AFP
Beta V.1.0 - Powered by automated translation

Companies in the UAE are being warned that the sort of massive cyber attack which blocked some of the world’s most popular websites over the weekend could be used to target regional businesses and governments.

On Friday, millions of web users in the United States and Europe were left unable to view popular websites including Twitter, PayPal, Amazon, Netflix and even The New York Times and Wall Street Journal, after hackers took over hundreds of thousands of common internet-enabled devices such as webcams and used them to bombard the sites with spam data.

FBI officials are still investigating the source of the attacks but days ahead of the US election, controversial website WikiLeaks claimed its supporters were responsible.

“[Julian] Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point,” it tweeted early on Saturday morning.

The attacks differed from other recent cyber attacks because they centred around New Hampshire-based internet infrastructure company Dyn, which acts as a switchboard for online traffic – an area of the internet not typically targeted by cyber criminals.

According to Dyn, the company was hit by a series of at least three massive distributed denial-of-service (DDoS) attacks where millions of IP addresses flooded the targets with junk traffic, making it one of the largest ever cyber attacks.

Security experts said that the attack used a new powerful control software called Mirai to forcibly network together thousands of web-enabled CCTV cameras around the world and turn them into what is known as a “botnet”.

Since the start of this month when the Mirai code was published on a hackers’ forum, experts have warned that criminal organisations and pressure groups will find it easier to launch this sort of attack.

“These sorts of DDoS attacks are extremely worrying and on a company level there isn’t a whole lot that you can do about them,” said Mohammad Amin Hasbini, a senior security researcher at internet security firm Kaspersky Lab, which advises businesses on cyber defences.

“The big problem is that we don’t know who is responsible for these attacks; we don’t know if they are financially motivated, politically motivated or if they are just doing it for fun. WikiLeaks claims its supporters were responsible but who are they? This attack is perhaps 15 times bigger than any that we have experienced so far in the UAE, but DDoS attacks do happen every day in the UAE and, as technology improves, the problem is getting worse.”

The disruptions come at a time of unprecedented fears about the cyber threat in the Middle East and around the world.

Between 2011 and 2013, 46 major financial institutions in the US were targeted through DDoS attacks, preventing hundreds of thousands of customers from accessing their accounts and costing the businesses millions of dollars to upgrade their systems. In March this year the FBI charged seven Iranian computer experts with carrying out the attack. And in 2013 two members of “hacktivist” group Anonymous were convicted of carrying out DDoS attacks against online payment websites including PayPal.

“The risks for this sort of attack are growing daily. There are now more devices than there are humans on the planet, and these days it is getting easier and easier for anyone with a grudge against a company or a government to buy a botnet army to launch attacks,” said Eric Eifert, the senior vice president for managed security services at cybersecurity firm DarkMatter.

He warned that terror organisations such as ISIL had the capacity to use cyber technology to take over drones being used against them and convert them into improvised explosive devices.

“In the UAE especially we are seeing a lot of new devices being used as consumers look to control all sorts of things including lighting, cooling, even their fridges from their smartphones,” Mr Eifert added. “Anything with an IP address can be infected by malware and these devices often have generic passwords which hackers can easily guess. It is important that manufacturers don’t let this happen in future.”

According to figures from Kaspersky Security, an average of 17.4 per cent of users in the Middle East encountered cyber threats originating from the internet in the third quarter of 2016.

The countries with the highest percentage of users affected by these threats were Qatar (24.4 per cent), the UAE (22.8 per cent), Kuwait (20.1 per cent), Saudi Arabia (17.9 per cent) and Egypt (17.1 per cent).

At the same time, an average of 47 per cent of users in the region encountered malware that spread in local networks, via USBs and storage disks.

Earlier this month the first US secretary of homeland security Tom Ridge, told a cyber security conference that as a global hub, the UAE is a prime target for cyber attacks.

“Any enterprise that is as successful, vibrant and connected like Dubai [is a target],” Mr Ridge said. “It’s a centre for financial transactions and trade historically. That’s what makes the government’s decision to make it a smart city timely and relevant and increases the pressure on [it] to do it right because it becomes an iconic player in the region and the world. The higher the profile, the more sophisticated the attacks.”


Follow The National's Business section on Twitter