The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats.
Posts tagged "East"
Cybersecurity firm FireEye has seen as an increase in zero-day exploitations in 2019 than the previous three years in the Middle East.
Speaking to TechRadar Middle East, Alister Shepherd, Director for Middle East and Africa at Mandiant, a unit of FireEye, said that there are more private security companies investing a large amount of money, apart from governments such as state-sponsored actors, to develop offensive cyber capabilities and services to make additional income.
As a wider range of actors appears to have gained access to these capabilities, he said that there is going to be a greater variety of actors using zero-days, especially as private vendors continue feeding the demand for offensive cyber weapons.
“Unsophisticated threat actors have been able to buy malicious tools from the dark web for some time – you can buy access to a network and then buy the ransomware, and you just take the risk to deploy it. We’re now seeing this being mirrored at a higher level, as Governments who have not developed their own capability, or who wish to extend their capability, can now buy off the shelf with sophisticated capabilities,” he said.
According to industry reports, espionage groups such as Stealth Falcon and FruityArmor have targeted journalists and activists in the Middle East, between 2016 and 2019, by buying malware sold by NSO, an Israeli software company, which leveraged three iOS zero-days.
Becoming increasingly commoditised
Shepherd said that SandCat, suspected to have links with Uzbekistan state intelligence, has been using zero-days in operations against targets in the Middle East.
BlackOasis, which could have acquired zero-day from private company Gamma Group, has demonstrated similarly frequent access to zero-day vulnerabilities in the Middle East.
“We believe that some of the most dangerous state-sponsored intrusion sets are increasingly demonstrating the ability to quickly exploit vulnerabilities that have been made public. In multiple cases, groups linked to these countries have been able to weaponise vulnerabilities and incorporate them into their operations, aiming to take advantage of the window between disclosures and patch application,” he said.
Even though financially-motivated groups continue to leverage zero-days in their operations, he said that they are less frequent than state-sponsored groups.
“Countries with the strongest capabilities are Russia, China, North Korea, the US, Iran and Israel, apart from other countries. We typically see Russia and China deploying these tools most broadly,” he said.
Moreover, he said that access to zero-day capabilities is becoming increasingly commodified and state groups will continue to support internal exploit discovery and development.
However, he said that buying zero-days from private companies may offer a more attractive option than relying on domestic solutions or underground markets.
- Why multinationals prefer to take GDPR as baseline for global compliance?
- UAE data protection law, similar to GDPR, likely landing this year
- Russia and Iran expected to conduct disruptive cyber-attacks in Middle East
The move by large organisations and small- and mid-sized enterprises to transform their businesses digitally is driving public cloud spend in the Middle East and North Africa (Mena).
Sid Nag, research vice-president at Gartner, said that government initiatives such as Smart Dubai, Smart Abu Dhabi, Bahrain’s Cloud First Policy of 2019 have bolstered cloud adoption among large organisations in the region.
Organisations are also increasingly moving their applications and workloads to the public cloud as concerns around security and governance dissipate further as many global tech companies have opened data centres in the region for data residency regulations.
Big tech companies have shown interest in the UAE to open data centres. Amazon Web Services has a cluster of data centres in Bahrain and the UAE.
Oracle already opened its first data centre in the UAE last year in Abu Dhabi and plans to open one more in Dubai this year, and two in Saudi Arabia this year, one had already opened in Jeddah, while Microsoft opened its data centres in Dubai and Abu Dhabi last year.
Alibaba Cloud, the cloud computing arm of Chinese e-commerce giant Alibaba Group, has already invested in one data centre in the UAE while SAP opened its data centres in UAE and Saudi Arabia last year.
IBM opened two data centres – one each in Dubai and Abu Dhabi – this year.
Big cloud providers need to have local data centres to cater to governments, financial and banking sectors for data residency regulations.
Necip Ozyucel, Cloud and Enterprise Group Lead at Microsoft UAE, that the cloud adoption was strong in the UAE but the challenge was finance and government industries because of data redundancy and latency was also another challenge for other industries as well.
After the opening of data centres in the UAE, he said there is a strong adoption of cloud services across industries and it has also unlocked all the problems of the governments.
“Governments and financial sectors are moving mission-critical apps onto the cloud and many customers in retail, construction, airlines, and small- and medium-sized companies are migrating,” he said.
Arun Khehar, senior vice-president for East-Central Europe, Middle East, Africa and India at Oracle, said that that the data centre is a huge catalyst for on-premises customers to move to the cloud as they can expand beyond their geographies and it can be done only through the internet and cloud.
“Government sector is not an issue as we have been selling to them three years back. The issue is with the sensitive part of the government such as the department of finance. This happened because of the Abu Dhabi data centre. Data sovereignty is a key issue. HR and payroll are crucial and sensitive in this part of the world,” he said.
Security and privacy issues have been taken care of because of the local data centre, he said and added that the cost of running a cloud is cheaper as there is no infrastructure cost, skills are not needed as Oracle own the skills and upgrades.
- Oracle sees more UAE governments moving to the cloud platform
- Microsoft sees room for growth opportunities for all cloud providers in UAE
- Oracle on track to beat AWS in number of data centres by end of the year
Growth drivers: CRM and ERP
Khehar said that business issues have become critical and digital transformation has become a much bigger issue than where the data is going to reside.
Nag said that the collective economic goal of the region to become more technology- and data-centric has been a cornerstone to this rapid acceptance of both the private and public cloud.
The regional market is expected to increase 21% year on year to $ 3b this year compared to $ 2.5b a year ago and this figure is expected to increase to $ 3.6b in 2021.
Nag said that SMEs in the region are focusing their investments in cloud deployments that will enable faster business analytics and artificial intelligence, both of which are key growth drivers for public cloud in the region.
In the public cloud space, software as a service (SaaS) is expected to account for 53% of the total public cloud service revenue to $ 1.6b this year compared to $ 1.3b a year ago.
“SaaS products are typically sold via subscription, allowing companies to avoid large up-front licensing fees and capital costs. The cost-effectiveness of SaaS is one of the motivations for organisations to increase their spending in the segment,” Nag said.
Customer relationship management (CRM) and enterprise resource planning (ERP) remain the top two segments driving the growth of SaaS and will continue to go up as businesses keep enhancing their customer experience.
Nag said that ERP will accounts for 12% of the overall public cloud service revenue forecast this year and this is because most independent software vendors have converted their ERP applications from on-premises, license-based offerings to cloud-based SaaS offerings.
While business intelligence (BI) applications are currently low in the region, he said that it is the fastest-growing segment among SaaS offerings and on pace to total $ 29 million in 2020, an increase of 37% from 2019.
“BI revenue is expected to achieve 30% growth over the next three years as local businesses leverage BI-based analytics to make smarter decisions and optimize their business operations,” he said.