Former Rutgers University student Paras Jha is seen as he leaves the Clarkson S. Fisher Building and U.S. Courthouse after his hearing in Trenton, New Jersey, U.S., December 13, 2017. REUTERS/Dominick Reuter - RC11344ADAB0
Former Rutgers University student Paras Jha is seen as he leaves the Clarkson S Fisher Building and US Courthouse after his hearing in Trenton, New Jersey, US, on December 13, 2017. Dominick Reuter /

Bolstering businesses' cyber security on agenda for Abu Dhabi meeting

This week Abu Dhabi is playing host to a select group of people with one of the toughest but most vital jobs in the Middle East. They are charged with defending the energy and utilities business from cyber attacks.

Each year they gather to discuss the latest threats from hackers, terrorists and rogue states. And each year the challenge of keeping the lights on just gets harder.

Those attending all know the horror stories. Last year's malware attack on the Ukraine, which hit gas and electricity companies, and even the notorious Chernobyl nuclear power plant still looms large. So does the re-emergence of the feared Shamoon virus, responsible for the devastating attack on Saudi Aramco in 2012.

And the UAE remains a major target in the region, with more than 100 cyber attacks on government sites alone last year.

As non-combatants in this global war, the public can only hope the cyber experts meeting this week can succeed in keeping the enemy at bay.

But they know the enemy is already among us, in a myriad of devices tied together by the Internet of Things (IoT).

Mention IoT to most people and — if they’ve heard of it at all —  they’ll probably think of cool gadgets that allow your fridge to warn when you’re low on eggs, or gets your TV to pick a movie.

But the reality about the IoT is chilling. It provides a way into homes, businesses and installations across the world. And the bad guys know it.

This month an American university student was due to be sentenced for attacking hundreds of thousands of gadgets linked by the IoT in the US.

Computer science student Paras Jha and two accomplices created malware known as Mirai, which targeted vulnerable household routers, webcams and other devices.

Having gained entry, Mirai hijacked the computers linked to the gadgets and used them to launch a massive “distributed denial of service” (DDOS) attack in 2016, blasting network servers with data until they failed. Large chunks of America’s internet simply stopped working.

It was a terrifying demonstration of what the IoT makes possible — equivalent to a burglar sneaking in to a few homes, and finding they all contain the master-switch for the national power grid.

No less terrifying is the speed with which these vulnerabilities are spreading.

According to a new report by Business Insider Intelligence there are already 9 billion IoT devices out there, and by 2025 that will grow to 55 billion.

Despite providing back-doors into key parts of the internet, these devices typically have only the most basic security measures. Even these are often undermined by users sticking with factory settings and passwords like “Admin”. Many devices can’t be upgraded as new vulnerabilities come to light either.

But most worrying of all is the lack of public awareness of the presence of the IoT in their homes.


Read more:

Middle East energy companies' cyber-security investments lag behind threats: Siemens 

Protection from cyber attacks 'critical' as UAE Government prepares to share data

Dozens of cyber attacks target UAE Government and companies in January


On that front, some people have now had a scary wake-up call — quite literally.

Earlier this month, owners of Amazon's virtual assistant, Alexa, reported being woken in the dead of night by evil-sounding laughter coming from "her" Echo speaker.

Amazon responded by claiming that the voice-operated device had a glitch making it misinterpret some commands as a request to laugh.

But some users insisted this wasn’t the problem at all. The scary cackle had come from Alexa unprompted, as if possessed by some evil spirit.

The company issued a software update it said would fix the problem — seemingly oblivious to the fact this confirmed the scary truth about Alexa: outsiders can control it remotely.

Doubtless most owners of the device are happy to put the “glitch” behind them, and get back to the wonders of interacting with Alexa.

Certainly Amazon would like to move on, as this small device is crucial to its humungous vision for the IoT.

Launched in 2014, Alexa has come to dominate the digital assistant market, ahead of the offerings from rivals like Google. There are upwards of 30 million units in the US alone.

But such popularity has it price — by making it a priority target for the world’s army of hackers. Security experts have already found ways of hijacking Alexa and its rivals. They include “backdoors” created by their use of Bluetooth to the installation of illicit hardware.

Some vulnerabilities are shockingly simple —  like getting into “smart” homes by telling Alexa to open the door via the letterbox.

Of course, the tech giants insist the devices come with a wealth of security measures. What they don’t have is any way of ensuring consumers use them, or that hackers can’t evade them.

Avoiding this security nightmare is becoming all but impossible. Most cars and other high-end technology now comes “internet ready”.

Adopting rigorous security standards yourself doesn’t help either. When you’re part of a vast network, it just takes one slip by someone, somewhere to land everyone in trouble.

Exhibit A is that attack on the Ukraine last June, which spread to affect organisations across the world.

Investigators concluded it began with malicious code spread via an update of an accountancy software package whose Kiev-based makers allegedly ignored repeated warnings about its security measures. The consequences were felt by around 2,000 companies, from Los Angeles to Tasmania.

The three students who developed the Mirai malware that exploited the IoT were rightly punished, but their case holds salutary lessons for all of us. As one cyber expert told The Guardian newspaper: "Imagine what a well-resourced state actor could do with insecure IoT devices".

Those gathering in Abu Dhabi this week carry the heavy burden of ensuring that we never find out.

Robert Matthews is Visiting Professor of Science at Aston University, Birmingham, UK

Director: Nag Ashwin

Starring: Prabhas, Saswata Chatterjee, Deepika Padukone, Amitabh Bachchan, Shobhana

Rating: ★★★★

Guns N’ Roses’s last gig before Abu Dhabi was in Hong Kong on November 21. We were there – and here’s what they played, and in what order. You were warned.

  • It’s So Easy
  • Mr Brownstone
  • Chinese Democracy
  • Welcome to the Jungle
  • Double Talkin’ Jive
  • Better
  • Estranged
  • Live and Let Die (Wings cover)
  • Slither (Velvet Revolver cover)
  • Rocket Queen
  • You Could Be Mine
  • Shadow of Your Love
  • Attitude (Misfits cover)
  • Civil War
  • Coma
  • Love Theme from The Godfather (movie cover)
  • Sweet Child O’ Mine
  • Wichita Lineman (Jimmy Webb cover)
  • Wish You Were Here (instrumental Pink Floyd cover)
  • November Rain
  • Black Hole Sun (Soundgarden cover)
  • Knockin’ on Heaven’s Door (Bob Dylan cover)
  • Nightrain


  • Patience
  • Don’t Cry
  • The Seeker (The Who cover)
  • Paradise City
The Super Mario Bros Movie

Directors: Aaron Horvath and Michael Jelenic
Stars: Chris Pratt, Anya Taylor-Joy, Charlie Day, Jack Black, Seth Rogen and Keegan-Michael Key
Rating: 1/5

Cricket World Cup League 2 Fixtures

Saturday March 5, UAE v Oman, ICC Academy (all matches start at 9.30am)

Sunday March 6, Oman v Namibia, ICC Academy

Tuesday March 8, UAE v Namibia, ICC Academy

Wednesday March 9, UAE v Oman, ICC Academy

Friday March 11, Oman v Namibia, Sharjah Cricket Stadium

Saturday March 12, UAE v Namibia, Sharjah Cricket Stadium

UAE squad

Ahmed Raza (captain), Chirag Suri, Muhammad Waseem, CP Rizwan, Vriitya Aravind, Asif Khan, Basil Hameed, Rohan Mustafa, Kashif Daud, Zahoor Khan, Junaid Siddique, Karthik Meiyappan, Akif Raja, Rahul Bhatia

Company profile

Company name: Fasset
Started: 2019
Founders: Mohammad Raafi Hossain, Daniel Ahmed
Based: Dubai
Sector: FinTech
Initial investment: $2.45 million
Current number of staff: 86
Investment stage: Pre-series B
Investors: Investcorp, Liberty City Ventures, Fatima Gobi Ventures, Primal Capital, Wealthwell Ventures, FHS Capital, VN2 Capital, local family offices

Rooney's club record

At Everton Appearances: 77; Goals: 17

At Manchester United Appearances: 559; Goals: 253

Types of bank fraud

1) Phishing

Fraudsters send an unsolicited email that appears to be from a financial institution or online retailer. The hoax email requests that you provide sensitive information, often by clicking on to a link leading to a fake website.

2) Smishing

The SMS equivalent of phishing. Fraudsters falsify the telephone number through “text spoofing,” so that it appears to be a genuine text from the bank.

3) Vishing

The telephone equivalent of phishing and smishing. Fraudsters may pose as bank staff, police or government officials. They may persuade the consumer to transfer money or divulge personal information.

4) SIM swap

Fraudsters duplicate the SIM of your mobile number without your knowledge or authorisation, allowing them to conduct financial transactions with your bank.

5) Identity theft

Someone illegally obtains your confidential information, through various ways, such as theft of your wallet, bank and utility bill statements, computer intrusion and social networks.

6) Prize scams

Fraudsters claiming to be authorised representatives from well-known organisations (such as Etisalat, du, Dubai Shopping Festival, Expo2020, Lulu Hypermarket etc) contact victims to tell them they have won a cash prize and request them to share confidential banking details to transfer the prize money.


Director: Tamer Ruggli

Starring: Nadine Labaki, Fanny Ardant

Rating: 3.5/5


Watford 1 (Deulofeu 80' p)

Chelsea 2 (Abraham 5', Pulisic 55')

Seemar’s top six for the Dubai World Cup Carnival:

1. Reynaldothewizard
2. North America
3. Raven’s Corner
4. Hawkesbury
5. New Maharajah
6. Secret Ambition

Washmen Profile

Date Started: May 2015

Founders: Rami Shaar and Jad Halaoui

Based: Dubai, UAE

Sector: Laundry

Employees: 170

Funding: about $8m

Funders: Addventure, B&Y Partners, Clara Ventures, Cedar Mundi Partners, Henkel Ventures

Most Read
Top Videos

The UAE Today

The latest news and analysis from the Emirates

      By signing up, I agree to The National's privacy policy
      The UAE Today