Find a Question:
Symantec Unveils Latest reports of e-threats
.. and significantly improve Internet security in the UAE
Company “Symantec” revealed today, the latest reports own cyber security threats ISTR , which shows the extent of development reached by the aggressive tactics of Internet hackers, especially in today, which has become more interconnected through the complex world of digital networks.
The report pointed out that the issue of cyber attacks are no longer relate to what happens when exposed to attack, but it is currently related to the proper time when conditions are ripe for attack, where he developed the capabilities and methods of implementation of e-penetration network operations to become more insidious and successful in grabbing the infrastructure for major companies and taken hostage, and then re-used in a manner to cause serious harm to the interests of those companies.
Said Hossam Sidani, Regional Director for Symantec in the Gulf: “Attackers today does not need to break down the door so they can penetrate a corporate network, while the available access keys in their hands. Have seen them and they succeed in deceiving companies through the offside Kthdathat private public programs, and then stalking the victim until you download these fake updates, in the case like a trick the famous Trojan Horse, which opens the door for attackers to penetrate the corporate network and do what they like. ”
-Mail security in the Emirates
-Mail security file has seen a marked improvement in the UAE, where the state fell from 47th in the world in 2013 to 49 last year, the center with respect to exposure to security threats over the Internet.
This progress refers to the low number of security attacks, which starts from the source, such as malignant encryptions, and spam, traps, and traps. However, the report documented the increase in the number specified in the Emirates attacks Less than 1 percent of the total global electronic attacks Recorded in 2013 to about 5 percent in 2014.
On the other hand, was recorded a slight increase in cyber crimes that exploit the weaknesses of Information Technology on the companies and institutions, where the UAE has moved from 53rd in 2013 to 48th in 2014, and moved from place 60 in 2013 to 50 place in 2014 between States that have been exposed to attacks via the Internet.
If we compare the UAE with the first ten countries have been included in the list of e-threats in the Middle East, we find that it maintained its seventh unchanged since 2013. where stationed most attractive electronic sectors of finance, insurance and real estate services in the UAE to attack targets (40 percent coming from the electronic messages were specific) attacks, while small enterprises which had been estimated numbers of employees from 1 to 250 to a higher rate of attacks reached nearly 89 percent.
The report pointed out in the annual record of the days that are free of vulnerabilities, that software companies took an average of 59 days to find a filling gaps compared to only four days in 2013, where attackers take advantage of the delay time difference, as happened in the virus, “Hart Blade”, which appeared Suddenly, taking advantage of one of the gaps to spread through only four hours. While the record in 2014, only 24 days ago from weaknesses, which means that the field is wide open for an attacker to exploit known vulnerabilities before discovered and filled.
Attackers with advanced capabilities showed great determination in the implementation of breakthrough operations for networks to specific targets and higher levels, which resulted in the increase in the total attacks in 2014 by 8 percent, while it is interesting over the past year, is the accuracy of those goals, which were used only 20 percent of E-mail successfully to reach its goals, while the attackers are more relied on malware that you have downloaded the victim, as well as the increasing exploitation of loopholes available on the Internet.
He cited Symantec report notes about a stolen e-mail accounts from one of the companies that fell victim to penetration, which has been exploited to connect to another victim in the highest level. The report pointed out that the attackers took advantage of management tools and procedures for companies to implement their movement toward the tactical network using a stolen IP addresses before impenetrable, and then build an offensive programs within the victim’s private network specifications to enhance the stealth element during the execution of the attack.
Symantec explained in its report that e-mail is still the tool is increasingly favored by attackers to carry out extortion, but the methods have evolved to include mobile phones, and social networks in order to broaden the base of the goals with minimal effort. The report also increased by 13 percent in the number of mobile phones, which saw just offensive attempts and other attacks successful.
In this context, Sidani said: “The attackers are lazy by nature, preferring tools automated and exploit customers with little knowledge and experience to carry out their operations sordid easily, it seemed so obvious during the past year, with the implementation of the 70 percent of the social networking sites attacks worldwide directly and flashlight, and so Because the attackers exploit users’ confidence in the contents that sends them to their friends, which led to the development of the UAE in the 21st place globally among the most States offering users of social networking by networks of electronic attacks, and the center of the 36 attacks on extortion in 2014, because the electronic attacks via social networking check attackers quick financial profit sites, while extortion attacks rely more coarse way of dealing with the victim requests the highest amounts of money. ”
During 2014, were recorded more encrypted extortion attacks by 45 times the amount in 2013. Rather than claim the application of the law and to demand repayment offense match the return of stolen content, as is the case in traditional extortion, these kind of attacks are becoming more violent and sinister, where The seizure of the files, images and digital content for the victim without revealing the intention behind the attack.
Protection measures for companies and individuals
The report said that the attackers will not stop the development of their tools and methods, and therefore should be on companies and individuals to maintain the digital possessions and secure and not lost, which can be achieved by following the recommendations that fall within the best electronic practices, where companies can rely on more intelligent solutions to deal with these threats and help provide immediate indicators that warn of the presence of a hazard, so be dealt with more quickly, as well as the application of multi-level, is able to cover the network security and encryption and implement procedures check complex security system.
It’s not limited to just the security components and procedures only, but also must provide the necessary training and awareness, and through the establishment of general guidelines and institutional policies and procedures for the protection of sensitive data are available on the private and personal devices. And evaluation of the internal investigation teams, and conduct exercises on a regular basis, to ensure the readiness and availability of the required skills to fend off cyber attacks effectively.
But as for individuals, compelling them taking a range of easy procedures that guarantee them the protection of electronic privacy, and through the use of strong, unique passwords for accounts and personal devices lyrics, as well as careful to change from time to time on a regular basis every three months. And do not use one password for more than one account. As cyber attacks have become increasingly made through social networks, it is our duty to take precautions during the presence on their pages, and not to rush clicking on links that arrive via messages of unknown origin. This is because the scammers are well aware that the user most of the time do not hesitate to click on those links, especially if they come from a friend he knew, and that the attackers were using those accounts to send malicious links to the accounts listed on the user’s contact list.
And so the user does not fall victim to one of those malignant process without knowing it, compelling him validation of all permits and sources by software or applications to download and install new equipment from the content, the ones that need you to share personal data, and to make sure the connection is terminated remote process, especially if you no longer need her.
1 Twitter 48 Facebook 99 Linked In 0 Google + 2
Answer this Question
You must be Logged In to post an Answer.
Not a member yet? Sign Up Now »
Star Points Scale
Earn points for Asking and Answering Questions!