In the third quarter of 2022, the UAE saw the largest individual year-on-year increase in cyberattacks – by 151 per cent, compared to a 28 per cent increase globally, according to research. Attackers clearly have their eye on UAE companies, highlighting the importance of implementing robust cybersecurity strategies.
But in order to do so effectively, organisations must understand and anticipate the shifts in the regional cybersecurity landscape and safeguard themselves accordingly. In this regard there are some key trends that companies must take note of to stay safe.
The rising role of AI in the cyber realm, for one, is full of opportunity, but it also comes with increased risks. In 2023, we will probably see more instances of threat actors utilising sophisticated phishing techniques and combining them with AI to target and attack users in a more intelligent manner. According to some reports, phishing attacks in the UAE grew by 230 per cent in the second quarter of 2022. This is a threat that companies in the country – and in the wider region – need to keep an eye on.
AI has changed the phishing game, enabling attackers to leverage features such as natural language processing to create well-written, convincing phishing emails that are difficult to identify. Data shows that chatbot systems such as ChatGPT can be misused by attackers to craft phishing emails and codes. Additionally, by combining AI with databases of breached information found on the dark web, attackers can deliver more targeted and sophisticated phishing campaigns.
The evolution of regulations and compliance laws will affect the way companies approach data management, especially as governments across the region implement their own data privacy laws, including those of the UAE, Saudi Arabia and Oman. As more regulation is implemented locally, IT teams and organisations more broadly will start to change how they think about data collection and storage.
Many organisations view the data they collect as a resource that they can harvest and store without consequence. This may well change as organisations understand that some data they collect may have a liability associated with it, and hence, will need to review and update their data practices to ensure they are processing data in a lawful and ethical way.
That is where cybersecurity service providers would come in to address and manage data security and compliance for their clients, enabling them to focus on their core business.
In 2023, we could witness more supply chain attacks targeting software suppliers and developers. A number of attacks have already targeted widely used messaging and email applications that are used in many organisations.
The way we design, develop and operate software makes the electronic supply chain of code much more vulnerable. Most software is now developed through a modular approach, meaning that the software is essentially a patchwork of functionality, sourced from libraries available to the developer. The benefit of this is that we have become extremely efficient at delivering rich functionalities in our software quickly. Unfortunately, this approach also means that organisations don’t control their code base to the same extent any more, and the effect of a single vulnerability in a function can further affect many systems. This was seen with some of the crypto libraries, in which the very fabric of the internet was affected.
To avoid this, organisations can work with a cybersecurity service provider, who can study the organisation’s information and communication technologies pipeline to understand what kind of software libraries their vendors utilise, and whether those libraries could potentially be compromised. From there, the service provider can conduct a risk assessment to establish where the organisation stands in terms of software integrity, and act accordingly.
The number of Distributed Denial of Service (DDoS) attacks observed in the third quarter last year in the UAE is almost equivalent to the entire volume of such attacks recorded in the first half of last year. DDoS attack numbers grew by more than 79 per cent in the third quarter, compared to the second quarter of 2022, according to Help AG’s Q3/Q4 Threats & Vulnerabilities Report 2022. This year, DDoS attacks will likely rise in frequency, volume and complexity, in the sense that attackers are highly competent and have a good understanding of how protection systems function. This would enable them to potentially execute attacks under the radar, by constantly retooling attacks to bypass these set protection mechanisms.
In order to effectively mitigate DDoS attacks, companies must have a solid understanding of how their systems will react to such an attack. With the ever-evolving digital transformation requirements, DDoS mitigation solutions would need to continuously upgrade policies and technologies coupled with real-time insights. Service providers have been and will remain the best bet for businesses to deal with these varying attack trends, through services such as DDoS simulation testing that will enable IT teams to assess the resilience of their systems by staging a controlled attack.
The increasing sophistication of cyberattacks is certainly a worrying trend, but cybersecurity applications are simultaneously evolving to address these threats.
The future of cybersecurity will be service-centric, with 90 per cent of cybersecurity requirements expected to be fulfilled through a service model by 2025.
We will see more organisations make the shift to cybersecurity-as-a-service in 2023, partnering with specialist-managed service providers to gain access to expertise and latest technologies, as service providers continuously invest in technologies, knowledge and talent.
Cybersecurity is the crucial component of successful digital transformation and needs to be built in from day zero. As attackers evolve their methods to bypass security measures, often by abusing emerging technologies such as AI, it is crucial for organisations to arm themselves with awareness, and partner with security services providers to increase their cyber resilience.