Kaspersky’s findings reveal a complex web of cyberthreats targeting the Middle East, the main dangers are:
Ransomware Groups
Hacktivism
Ideologically motivated hacktivist activities are on the rise. Although such attacks were most commonly assumed as denial of service (DDoS), hacktivists are becoming more destructive in their approach. In line with current geopolitical instability, attacks are shifting to more critical outcomes such as data leaks and the compromise of target organizations. Kaspersky DFI researchers observed more than 11 hacktivist movements and various actors across the region.
Initial Corporate Access
A key target for cybercriminals is entry points into corporate networks. Cybercriminals are able to exploit initial access to larger groups, or criminals who have the capabilities to further develop the attack. Kaspersky’s experts discovered more than 40 dark web adverts offering corporate access to government, education, manufacturing, transportation, financial, healthcare, IT, and other corporate organizations in the region.
Example of post from initial access broker
Info Stealers
Data Breaches
Vera Kholopova, Senior Analyst at Kaspersky Digital Footprint Intelligence said “It is evident cybercriminals are not only perfecting existing methods, but developing innovative tactics and tools to infiltrate their victims. In this ever-evolving environment, vigilance is essential to safeguard organizations’ network infrastructures from various threats lurking in the dark web. As technology continues to advance, cyberattacks are becoming an inevitability rather than a possibility, making it ever more important to stay one step ahead.”
In order to proactively defend against cyberthreats, Kaspersky shares the following tips:
- Create and maintain an IT asset inventory. Identify all assets that need to be protected and perform regular updates on software so that attackers don’t have the opportunity to exploit known vulnerabilities. 
- Implement comprehensive security solutions. Use multi-pronged security controls, like Kaspersky Next, across your entire network. These additional layers of protection ensure timely detection and prevention of cyberattacks. 
- Promote cybersecurity awareness among staff. Educating and training employees on cybersecurity best practices and potential threats minimizes the risk of human error, which remains one of the main vulnerabilities in organizations. 
- Continuously monitor and assess your digital environment. Keep a close watch on all devices, servers, systems, services, applications, and traffic for any suspicious activity – early detection of a malicious attack is key. 
- Stay up-to-date with threat intelligence (TI). Regularly review threat intelligence data to understand the latest tactics, techniques, and procedures used by attackers. You can then tailor your security controls accordingly. 
- Monitor the dark web. Stay aware of dark web activities in order to gain valuable insights into potential attack vectors, cybercriminal interests and plans. Use Kaspersky’s Digital Footprint service to strengthen your defences and respond proactively.
To know the more on the dark web threats facing the Middle East region, or read the full report here.
 
No comments:
Post a Comment
Got something to say? Feel free to let us know in the comments section below.