Middle East is not prepared for a major cyber attack – According to the recent article published in thenational.ae ; the author asks – What would happen to any GCC country if a cyber attack significantly degraded or disrupted the electric power grid, the water desalinisation and distribution system, the oil and gas pipeline network, air traffic control or airline operations, hospital networks, banking systems, stock markets or even motorway traffic controls? Imagine any GCC city deprived of its mobile telephone system or connectivity to the internet for just a day.
There is little such regulation in the Middle East. There is less money being spent of the defensive side of cyber security, and there are fewer experts dedicated to protecting networks in this region than in comparable countries elsewhere.
DarkReading has released a list of what it deems the “boldest” cybersecurity predictions for 2016. Among the threat predictions are that a cyberattack will impact the 2016 presidential race, there will be a significant rise in extortion attacks, and that we’ll see the creation of borders within the Internet “that divide access to information along country lines.
However – there are good news too
The National Electronic Security Authority (NESA) is a UAE federal authority that operates under the Supreme Council for National Security. NESA is responsible for the advancement of the nation’s cybersecurity, expanding cyber awareness and creating a collaborative culture rooted in information technology and innovation. The National Electronic Security Authority (NESA) has officiallyannounced the publication of a range of key strategies, policies and standards to align and direct national cybersecurity efforts in the United Arab Emirates (UAE). The announcements were made during a briefing session in Abu Dhabi on June 25th, 2014 with senior officials representing federal and local entities from the entire spectrum of UAE Government as part of ‘National Cyber Security Program’.
The growing security threat posed by cyber-attacks as Saudi Arabia becomes ever more reliant on IT has led to the development of a national information security strategy (NISS) and increasing investment in cybersecurity. Demand for cybersecurity products comes from both the government and private sectors. “Cybersecurity is big business in Saudi Arabia. All the major companies have dedicated significant budgets to ensuring they have the proper protection,” Jean Yves Tolot, CEO of the electronic security firm Thales, told OBG.
This has drawn a large number of multinational IT and security companies to the market, with some of them forming innovative partnerships with local IT and telecommunications firms. Meanwhile, one challenge for the Saudi cybersecurity industry will be training sufficient numbers of people to meet the growing demand for technical experts in the field.
In 2011 the Ministry of Communications and Information Technology began developing the NISS. Its objectives include increasing the security and integrity of online information; promoting greater use of IT; developing resilience in information systems; increasing awareness of security risks; and creating national guidelines for information security management based on international standards and best practices.
According to the NISS, “National and international interconnectivity create significant new vulnerabilities and present new types of threats to the Kingdom’s economic and cultural activities. These new threats could in some cases shutdown, corrupt or even destroy critical information and communication technologies (ICT) systems.” Such threats include the possibility that an adversary might “seize control and use an ICT system to directly harm or go against the Kingdom’s interests”.
Among the most serious cybersecurity incidents in recent years was the August 15, 2012 cyber-attack on Saudi Aramco, which damaged 30,000 of the firm’s computers. According to Saudi Aramco executives and the Ministry of Interior, the attack was designed to hurt the Saudi economy by shutting down Saudi Aramco’s exports and imports of oil and gas.
“The opportunities in cyber are enormous, both in the defence and commercial sectors,” Andy Carr, CEO of BAE Systems Saudi Arabia, told OBG. Indeed, Saudi Arabia’s cybersecurity market is predicted to expand by 30% between 2014 and 2016 to $37.5bn, according to a 2014 study by the George Mason University School of Public Policy.
Non-military branches of government investing in cybersecurity range from city administrations to the Capital Market Authority. For instance, government cybersecurity spending in 2013 included $20m at the Saudi Arabian Monetary Agency, $8.7m at the Ministry of Petroleum and Mineral Resources, over $10m at Saudi Airlines, and $12m at the King Abdulaziz City for Science and Technology, according to the conveners of the Digital Security Summit.
A 2014 study by the George Mason University School of Public Policy described the Saudi civilian cybersecurity market as centred around protection of energy systems and the e-commerce space, with the provision of data management and cyber-attack detection and prevention services critical to the former. According to the same study, the Kingdom’s e-government campaign to streamline and construct electronic databases also offers foreign firms opportunities to enter the Saudi cybersecurity market. Potential partners in this area include the Saudi Electronic Data Interchange, which manages government transactions; the eGovernment Service Bus Programme, which is centralising online government databases; and Tabadul, the Saudi Arabian Electronic Info Exchange Company, which manages public investment in IT infrastructure.
Among the most eyecatching cybersecurity partnerships between a foreign and Saudi firm in recent years is the global security operations centre (SOC) set up in Riyadh jointly by IBM and Saudi Arabian mobile operator Mobily in July 2013. The centre is located inside Mobily’s data centre, which has been granted tier IV design and construction certification by Uptime Institute, the data centre authority. According to IBM, the SOC is completely self-contained and its activity logs never leave Saudi Arabia. The centre uses IBM security services infrastructure to assist analysts with the aggregation, correlation, analysis and prioritisation of security logs and events.
The SOC will draw on IBM’s expertise in analysing over 15bn daily security events from devices located in more than 140 countries. Khalid Al Kaf, CEO of Mobily at the time of the SOC’s opening, said that the SOC had been conceived as a response to the “increasing security threats [arising] globally from the adoption of new and existing technologies”. He said that cybersecurity was increasingly important to the business sector in Saudi Arabia as companies viewed securing their data as critical to protecting their reputation and value.
In May 2014, the alliance between IBM and Mobily was selected by the Ministry of Education to help boost the ministry’s information security. Under the agreement, IBM and Mobily will provide services including real-time analysis and an early warning system for potential threats, development of security correlation and analytics capabilities, and protection against third parties gaining access to the ministry’s data from abroad.
Cisco’s whitepaper predicts – Middle East and Africa will experience the highest CAGR of 72 percent, increasing 15-fold over the forecast period.
Cyber activism in the Middle East has so far been politically or ideologically motivated. DDoS attacks or “cyber vandalism” against websites of governments are the most typical form of cyber warfare techniques in the MENA.
As some of the region’s governments are heading towards implementing e-government applications, as well as encouraging the private businesses to be more technology-friendly, the region will become more prone to money-driven cyber-attacks. The lack of sufficient cyber security precautions could make the damage bigger.
In December 2015, a hacker stole customer data from a UAE bank and requested a US$ 3 million “ransom” in bitcoins. This is nothing but the start of a trend to grow in 2016. Several more recent attacks have shown that professional cyber criminals have recently been taking advantage of the undeveloped cyber infrastructure in the region.
Qatar’s has put efforts to address current and emerging threats and risks, and in light of the strategic thrusts of Qatar’s National ICT Plan 2015 to protect the national critical information infrastructure and to provide a safe and secure online environment for the different sectors. To view the full text of the National Cyber Security Strategy, please visit this link
Oman, officially the Sultanate of Oman, an Arab country, faces similar security challenges faced by other nations: increasing cyber incidents and cybercrime. Recognizing the importance of a cyber-response team, Oman established OCERT(Oman Computer Emergency Response Team) in 2010.
The path to success lies in a comprehensive approach that enables stakeholders to collaborate in addressing shared, multidimensional cyber issues. All facets must be considered – technology, standards, policy, governance, leadership, strategy and execution. The dynamic expansion of digital life in gulf region is exciting and mitigating threats will emerge as prosperous and powerful nations
What do you think the future of the middle east cyber security? Leave your comments below.