UAE shores up cyber defences to thwart hackers

Collaboration with other countries key to building a safe digital economy, cyber security chief says in an exclusive interview

Powered by automated translation

The UAE is working hard to build a safe digital economy with highly secure and robust cloud infrastructure, Dr Mohamed Al Kuwaiti, the UAE government's head of cyber security, said.

In an exclusive interview with The National, Dr Al Kuwaiti said the UAE’s key to success is collaboration with several countries to shore up its digital ecosystem and information technology infrastructure.

“We have state-of-the-art advanced cloud ecosystems that allow all businesses at different scales and government enterprises to seamlessly conduct their business here from the UAE,” said Mr Al Kuwaiti on Monday.

One key reason why cyber crime and ransomware attacks, in particular, are rising is that most people just view it as someone else’s problem
Dr Mohamed Al Kuwaiti, UAE government's head of cyber security

He was speaking on the sidelines of Intersec, a global emergency services, security and safety event that is taking place at the Dubai World Trade Centre. The event started on January 16 and will end on January 18.

“The UAE, like other nations, is going through digital transformations, which increase the dependency on technologies, and there are more and more, which opens a larger threat landscape.

"We are applying the latest cyber security technology and support big or small businesses with top-class experts from the private sector to help them if they are targeted by cyber criminals.”

Mr Al Kuwaiti said Intersec was a great way to explore the latest technology and innovative solutions to complex digital problems and network with cyber security experts from around the world.

“We are providing investors from around the world [with] multiple platforms such as this conference, which helps us to co-operate and work with others to enhance our cyber security, which is not one country’s problem. One key reason why cyber crime and ransomware attacks, in particular, are rising is that most people just view it as someone else’s problem.”

Ransomware has emerged as the biggest threat to cyber security in recent years. It allows criminal hackers to disable an organisation’s computer system and hold its data hostage, demanding a ransom to decrypt it.

There is no accurate data that shows the exact number of such attacks as many of them might have gone unreported, with victims paying the cyber criminals.

Cyber criminals are expected to attack a business, consumer or device every two seconds by 2031, according to New York-based research company Cybersecurity Ventures.

It said ransomware damages cost the world about $20 billion, which is 57 times more than in 2015 at $325 million.

The company predicts ransomware will cost its victims about $265 billion by 2031.

Alex Nicholl, head of the Intersec conference, said this year’s message is how to help various partners face wide-ranging digital disruptions and shore up their systems against potential vulnerabilities.

“We have been holding Intersec for 23 years and this is the first year we put a real emphasis on cyber security. We are providing a platform that brings together a diverse group of experts from the public and private cyber security sectors, cyber economists and ethical hackers," Mr Nicholl told The National

"We have also partnered, for the first time, with the UAE Cyber Security Council and plan to reinforce this partnership.”

The supply chain attacks

When hackers leave a message on a computer about how to contact them to decrypt locked data, one has little choice unless they have a solid backup system, said Mr Al Kuwaiti, who holds a doctorate in computer engineering and network security from George Washington University.

“If you have a solid backup system of your data, along with a cyber security framework and cyber security posters, then you do not need to negotiate with those ransomware criminals,” he said, noting that most of the cyber attacks in the UAE fall under the fraud, impersonation and data-theft categories.

“A company has to run a risk assessment, as well to figure out the cost of losing such data against the ransom money. It depends on the decision by the board members of this or that company at the end of the day. The recommendation is not to negotiate and it is not mandatory,” he said.

“The cyber attacks increased by at least 200 per cent last year, compared to 2020, in the UAE and are topped by ransomware, email phishing, ddos [denial of service] and impersonation."

Experts who track the actions of cyber criminal gangs and analyse hacking techniques said third parties have become the weakest link exploited by hackers to target critical infrastructure of major corporations and government agencies.

"We call it supply chain attacks,” ethical hacker Freaky Clown, one of the key speakers at Intersec, told The National.

“Criminals are aware that the big companies and entities have great defences. It is a great cause for concern because the ripple effects that can be triggered by a single attack, in particular, can comprise the cyber security of others in the supply chain.”

Updated: January 18, 2022, 3:52 PM