Millions of nationals and residents log on to the internet everyday in the UAE, conduct their business, research for their school projects and socialise with friend and family across the world. What they don’t know is that a silent team is working 24-7 to make sure that their internet experiences are not subjected to malicious cyber attacks. Cyber attacks on websites can be thwarted before the fact by locating potential vulnerabilities that have to be eliminated so that they can not be exploited by would-be attackers. To do this, a pentest can be conducted, after assessing the penetration testing services prices, which is a form of ethical and controlled hacking.
Many of us in the UAE take the daily use of secure internet for granted. However, there are criminal elements who are ready to take advantage of unsuspecting users.
For instance, in 2013 a Norton Cybercrime Report found that 1.5 million people were victims of cybercrime in the UAE in the previous 12 months, costing the country Dh1.5 billion in direct losses (Messe Frankfurt).
Not only are individuals targeted, UAE strategic entities such as oil and gas facilities, infrastructure including airports and telecom firms, as well as multinational corporations face cyber security threats. In 2012 a malware virus called Wiper attacked Middle East oil installations focusing on destroying data and “systematically erasing system files, causing the systems to crash and preventing them from rebooting” according to Wired.
Criminals are also increasingly targeting the commercial sector of the country that contributes to 12 per cent of the gross domestic product (GDP) of Dubai alone. According to the General Directorate of E-Services and Telecom at the UAE Ministry of Interior, the banking sector bore a third of cybercriminal attacks in the UAE last year while government’s e-services, telecommunication systems and educational institutions’ systems bore the rest.
Dr Jamal Al Hosani, director of Technology and Communications at the National Emergency Crisis and Disaster Management Authority (NCEMA), predicted in 2012 a rise of 20-30 per cent in cyber attacks against the UAE in 2013 alone. The critical national infrastructure sectors include the communication, financial, food and water, health, energy and transportation amongst others. The NCEMA is part of a number of organisations under the Supreme Council for National Security whose purpose is to secure the country from external threats.
Last year hackers twice targeted the account of the popular UAE Foreign Minister Shaikh Abdullah Bin Zayed Al Nahyan. In July 2013, a cyber attack emanating from Egypt was thwarted by the Computer Emergency Response Team, a subsidiary of the UAE’s Telecommunications Regulatory Authority.
In March 2013, internet users in the UAE were affected by a major denial of service attack. Earlier this month Dubai Police Twitter account was hacked a year after the social media accounts of Abu Dhabi based Sky News Arabia were attacked by the ‘Syrian Electronic Army’.
In March 2013, Dubai Police arrested criminals who hacked into an exchange house and transferred $2 million (Dh7.34 million). In all these instances the UAE security agencies managed to either thwart or apprehend the criminals although the mounting frequencies of attacks will require public vigil and cooperation.
It is in that spirit that the UAE has started educating educators about the importance of cyber security awareness. A course that ran last year trained hundreds of teachers on a broad range of IT-related issues starting from “ethics of computer use, password protection, phishing security protocols, secure browser use, and correct use of content sharing on social media to protect privacy and avoid copyright infringement”, according to the official UAE news agency.
Research universities such as NYU Abu Dhabi have established a Centre for Interdisciplinary Studies in Security and Privacy whose mission is to act as a “catalyst to improve cyber security in the UAE and enhance its regional and global competitiveness in this field.”
Matt Suiche, a cyber security expert in Dubai and Founder of MoonSols says the “UAE is now a key player in the global scene because of its natural resources and its leverage in term of financial services, which makes it a high-interest and attractive target for potential attackers like its neighbours in the past.”
The US Department of Commerce’s International Trade Administration recently published an annual report that estimated that UAE government expenditure on homeland security was set to almost double from $5.5 billion to more than $10 billion in the next 10 years.
Analysts quoted by Defence News expect a significant amount of that expenditure to focus on cyber security. The purpose of this investment is primarily the prevention of malicious attacks against the UAE which are becoming an increasing threat as the country’s profile rises and increasingly attracts corporations’ and immigrants.
The security of strategic UAE infrastructure is of paramount concern not only to the country but for the entire world. For instance, Dubai International Airport is today the second busiest international airport in the world, serving over 220 destinations and 130 airlines that carried over 66 million passengers in 2013.
Certainly the UAE’s efforts in combating cyber crime are the most sophisticated in the region. The UAE government’s emphasis on cyber security is part of a broader homeland security enhancement policy much of which is unknown to the general public.
Although these threats carry the label ‘cyber’ they are in fact very real. The UAE general public ought to not only rely on the government to prevent and protect UAE internet users from malicious cyber activity but also make sure that it remains vigilant against all forms of very real cyber threats.
This article was originally published in Gulf News on February 26, 2014.