Cyber attacks are likely to rise during times of confusion and fear, increasing their chances of succeeding, a new set of guidelines from Abu Dhabi authorities has warned.
Abu Dhabi Emergencies, Crises and Disasters Management Centre (ADCMC) informed residents of common cyber threats, reasons for the increase in cyber attacks and indicators of suspicious messages and links, in the “Guidelines for Cybersecurity Awareness during Emergencies”.
One section of the guidelines, issued last week, lists the possible motivations behind the spike in hacking attempts and computer crimes.
“Exploiting fear and confusion among individuals”, it reads, leads to “rushed digital decision-making without adequate verification”.
The spread of rumours, the document warns, also increases the fear factor, which ratchets up mental fatigue, making it more likely that people will click nefarious links or provide personal information that could lead to hacking.
The warnings about increased cyber vigilance echo those made shortly after February 28, when the US and Israel attacked Iran. Within hours of those strikes, cyber security analysts warned of an increase in potential cyber attacks from Iran and groups seeking to take advantage of the situation.
Maher Yamout, a lead researcher for cyber security firm Kaspersky, said that AI is also being used by bad actors to take advantage of geopolitical tension.
“We’re seeing attackers use AI to automate reconnaissance, generate highly convincing phishing messages and create deepfake content at scale,” Mr Yamout told The National. “Whether with a specific target in mind or even just to create widespread fear and confusion during tense times.”
Mr Yamout added that AI was “lowering the barrier to entry” and making it easier and more economical for cyber crime groups to try to compromise systems all around the world. “Anyone can abuse these capabilities, making cyberattacks more widespread than ever before,” he warned.
On Monday, Microsoft's Threat Intelligence division said that phishing campaigns, which can manipulate people into clicking links that may extract and compromise data, also continue to be a popular attack method.
“Phishing campaigns continue to improve refinement in blending social engineering, delivery and hosting infrastructure, and authentication abuse to remain effective against evolving security controls,” the company warned.
Between April 14 and April 16, Microsoft's security research team said that it had tracked phishing campaigns “targeting more than 35,000 users across over 13,000 organisations in 26 countries”. Microsoft did not say from where the phishing campaigns originated, and pointed out the difficulty of doing so at this time.
“Analysis of the sending infrastructure indicated that the campaign emails were sent using a legitimate email delivery service, likely originating from a cloud-hosted Windows virtual machine,” a blog post detailing the phishing attacks read.
