UAE becomes key target of ransomware attacks

The UAE is increasingly becoming a target for ransomware attacks, even as the country improved its regional standing regarding source-based security threats such as phishing attacks.

The latest report of Symantec - Internet Security Threat, disclosed that 2016 was a year marked by extraordinary attacks that left organisations across the globe reeling. Ransomware continued to escalate as a global problem and a lucrative business for criminals. Symantec identified over 100 new malware families released into the wild, more than triple the amount seen previously, and a 36 per cent increase in ransomware attacks worldwide.

In the Middle East and Africa, UAE was the second most targeted company, after Saudi Arabia, for ransomware attacks, up two spots from 2015. Furthermore, the UAE ranked 26th globally for ransomware attacks, Saudi Arabia was the 20th most targeted country, and United States ranked first. Symantec found 30 per cent of UAE ransomware victims are willing to pay a ransom, compared to 34 per cent globally. Adversely, 64 per cent of Americans victims are prepared to pay a ransom. Consequently, in 2016 the global average ransom spiked 266 per cent with criminals demanding an average of $1,077 per victim up from $294 as reported for the previous year.

"New sophistication and innovation are the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus," said Hussam Sidani, regional manager for the Gulf region at Symantec. "The world has seen specific nation states doubling down on political manipulation and straight sabotage. In the Middle East, we saw Shamoon putting the Kingdom on high alert again after attacks were uncovered late 2016. Meanwhile, cyber criminals caused unprecedented levels of disruption by focusing their exploits on relatively simple IT tools, unsecured IoT devices and cloud services."

The UAE's 2016 Internet Security Threat Profile improved with its world ranking dropping from 41 in 2015 to 51 in 2016.

In the Middle East and Africa, UAE improved its regional standing, dropping to 10th place compared to sixth the previous year. This shift indicates a lower global percentage of source-based security threats, including malicious code, spam, phishing hosts, web and network attacks, and bots originating in the country. However, the country was heavily targeted for ransomware, the second highest in the Middle East and Africa region, and representing about 0.5 percent of all global detections.

"UAE has taken commendable measures at federal, public and private levels to solidify cybersecurity in the country. Furthermore, various entities have made efforts to identify and foster future cybersecurity specialists, and there is also a growing awareness about cyberthreats in the weakest link in the chain - the end user or consumer," added Sidani.