Weak links in Bahrain’s cyber security highlighted
Dubai, August 19, 2014
While Bahrain’s companies are innovating their future using the Internet, they face unprecedented risks the security chain caused by situations out of their control – from geopolitical events to natural disasters, said an industry expert.
“This calls for company executives need to understand, create awareness, and manage cyber risks and weaknesses in,” added Tarek Ghoul, general manager for the Gulf, Levant, and Pakistan, Cisco.
“Starting from the most senior level, Bahrain’s businesses must make cyber security a business process, and deploy cyber security solutions that cover the entire attack continuum – before, during, and after a cyber-attack,” Ghoul added, referring to the recently released Cisco Midyear Security Report, which highlights weak links in Bahrain’s increasingly dynamic threat landscape.
In the Middle East, geopolitical events are creating new trends in the cyber realm, expanding the risk landscape for businesses, governments, and other organizations and individuals.
Due to recent drought, floods, and unrest affecting supplies and infrastructure across the wider Europe, Middle East, Africa, and Russia (EMEAR) region, the top five most at-risk industry verticals for mobile malware encounters during the first half of 2014 were agriculture and mining, transportation and shipping, food and beverage, government, and media and publishing. In EMEAR, food and beverage saw the highest number of web malware encounters.
As a result, weak links –outdated software, bad code, abandoned digital properties, or user errors – contribute to the adversary’s ability to exploit vulnerabilities, with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, and infiltration of encryption protocols, social engineering and “life event” spam.
The report also shows that focusing on only high-profile vulnerabilities rather than on high-impact, common and stealthy threats put these organizations at greater risk. By proliferating attacks against low-profile legacy applications and infrastructure with known weaknesses, malicious actors are able to escape detection as security team’s focus instead on boldface vulnerabilities, such as Heartbleed.
• Globally, researchers closely examined 16 large multinational organisations, which, as of 2013, collectively controlled over $4 trillion in assets with revenues in excess of $300 billion. This analysis yielded three compelling security insights tying enterprises to malicious traffic:
1. “Man-in-the-Browser” attacks pose a risk for enterprises: Nearly 94 per cent of customer networks observed in 2014 have been identified as having traffic going to websites that host malware.
2. Botnet hide and seek: Nearly 70 per cent of networks were identified as issuing DNS queries for Dynamic DNS Domains. This shows evidence of networks misused or compromised with botnets using DDNS to alter their IP address to avoid detection/blacklist.
3. Encrypting stolen data: Nearly 44 per cent of customer networks observed in 2014 have been identified as issuing DNS requests for sites and domains with devices that provide encrypted channel services, used by malicious actors to cover their tracks by exfiltrating data using encrypted channels to avoid detection like VPN, SSH, SFTP, FTP, and FTPS.
• The number of exploit kits has dropped by 87 per cent since the alleged creator of the widely popular Blackhole exploit kit was arrested last year, according to Cisco security researchers. Several exploit kits observed in the first half of 2014 were trying to move in on territory once dominated by the Blackhole exploit kit, but a clear leader has yet to emerge.
• Java continues its dubious distinction as the programming language most exploited by malicious actors. Cisco security researchers found that Java exploits rose to 93 per cent of all indicators of compromise (IOCs) as of May 2014, following a high point of 91 per cent of IOCs in November 2013 as reported in the Cisco 2014 Annual Security Report.
• Unusual upticks in malware within vertical markets. For the first half of 2014, worldwide the top three verticals most at risk for web malware encounters were media and publishing, pharmaceutical and chemical, and aviation. – TradeArabia News Service