Banks a prime target for cyber attacks

The UAE's Computer Emergency Response Team, aeCert, has released figures for cyber attacks carried out in the country last year.

ABU DHABI // Banks were targetted in almost 75 per cent of the phishing attacks recorded in the country last year.

The agency tasked with overseeing cyber security in the UAE, aeCert, said 72 of the 100 attacks registered last year were on banks.

Speaking at the International Security and National Resilience conference in Abu Dhabi, which ends today, officials said local banks were the primary target.

"These attacks are done to acquire information such as account details, pin numbers and other private information for criminal use," said Meshal Bin Hussain, operations manager at aeCert.

Officials from the company released their annual report on Tuesday, which said banks were targeted in many different ways.

"In August last year we went up against an evolved Trojan called Zeus that attacked banks across the UAE," said Tariq Al Hawi, director of aeCerts's emergency response team.

A Trojan virus is a malicious programme that copies itself onto a hard drive and steals information or harms the host's computer systems.

Zeus, according to Al Hawi, was extracting sensitive information from the files of different banks and sending it back to the hackers.

"The banks met with us and the problem was almost immediately resolved. We conducted an analysis of the Trojan after the threat was neutralised and found it to be very advanced," Mr Al Hawi.

According to aeCERT, the most common point of attack was on PCs running Microsoft Windows, where hackers targeted a port unique to the operating system identified as TCP445.

"We had 105,563 attacks registered through these ports," said Mr Bin Hussien.

A further 45,000 attacks were registered on file sharing ports and 13,000 attacks were through web server ports.

Mr Bin Hussien said the government sector had been particularly proactive in taking steps to prevent hacking. A total of 2,304 government employees attended awareness courses held by aeCert, including some janitorial staff.

Published: March 21, 2012 04:00 AM