The Middle East is the world's worst affected region for cyber attacks. Global cooperation is needed to address this bloodless but brutal war, say security experts.
Cyber-warfare in the Middle East is no game
The world has embarked on a new cold war - but instead of military posturing, this conflict is taking place in cyberspace.
The Middle East is increasingly on the receiving end of cyber-warfare strikes, more so than any other region in the world, experts estimate. And the attacks have been among the most damaging.
Cyber assaults have moved from financially motivated attacks targeting as many people as possible to more focused, specially engineered strikes intended to extract intellectual property or cause sabotage. The extent of the damage that cyber-sabotage can provoke has been likened to traditional warfare.
"We cannot deny cyber-warfare is happening. Every government is working to defend itself and some are creating cyber offensives," says Justin Doo, the security practice director for the Middle East and North Africa at Symantec.
"We are seeing a similar point to the Cold War. Everyone is arming themselves, building up similar offensive and defensive capacity."
Stuxnet, a malicious software (malware) targeting centrifuges at Iran's nuclear facilities in 2010 set back the country's nuclear plans by about two years, according to experts. The attack was widely believed to be a joint state-sponsored effort by the United States and Israel.
One of the most high-profile attacks this year was Shamoon, another malware and among the most destructive, which targeted the private sector. It infected 30,000 computers at Saudi Arabia's Aramco in August. The computer virus contained a code that was able to both steal information and wipe data from hard drives, replacing it with an image of a burning US flag.
Other attacks that have caused havoc across cyberspace include Gauss, which targeted financial institutions primarily in Lebanon, and Flame, a cyber-espionage tool targeting governments, universities and private individuals in Iran, Syria, Lebanon and Saudi Arabia, among others.
Such espionage tools can record audio and keyboard activity, switch on a device's camera or turn an infected telephone into a recording device. Flame was able to record Skype conversations and used an infected computer's Bluetooth connectivity to extract information from other Bluetooth-enabled devices nearby, sending the data back to several command-and-control servers around the world.
These attacks use vulnerabilities in a computer's operating system that had never been exploited before. Finding such weaknesses is expensive and takes time. Analysts have therefore suggested such strikes are probably funded by nation states.
Judging by the targets and the way the viruses manifest themselves, that may well be the case.
Pinpointing the exact origin of a virus, however, is practically unachievable because of the interweaving networks of the Web. Anonymity is all too easy to assume online and while security experts are able to deduce the language of the codes and determine the cultural or linguistic origin of the malware creator, they cannot determine where it was created.
At the moment, Aramco and Qatar's RasGas are the only two known victims of Shamoon. Information about the cyber attack is still scarce - companies and organisations can be reluctant to admit to being victims - and it is unclear whether other firms or countries were affected.
"When we analyse and investigate such incidents, we only have the malicious codes in our hands, we have some network data but that is it. We are not the police or secret service to be able to extract data from other places," said Eugene Kaspersky, the founder of Kaspersky Lab, at the ITU Telecoms World conference in Dubai last month.
"Shamoon may be the tip of the iceberg of what is happening in cyberspace. I am pretty confident that these [attacks] are not the first and last."
It is also difficult to gauge the extent of the damage caused. In the Middle East, organisations that have come under a virus or malware attack are not required to declare them in public.
"It is better for national security to keep it under wraps," says Theodore Karasik, the director of research and consultancy at the Institute for Near East and Gulf Military Analysis, or Inegma, in Dubai.
"The worst aspect of a cyber attack is to announce it, because it gives other people the same idea and it can spread. We do not want lone wolves or small cells trying to duplicate attacks that have worked."
This week, the UAE implemented a new law, the most comprehensive in the Middle East, that covers issues such as safeguarding personal and corporate data, including bank details.
"All the GCC states are creating their own centres or programmes related to cyber defence. There are no hard facts on spending or on counteracting cyber warfare, but numbers must be quite dramatic, clearly in the billion and billions of dollars," says Mr Karasik.
Some say online battles - without the need for armed conflict - may turn out to be a new trend in warfare.
"When armies move in, the one thing they do is destroy education and health records. It is the quickest way of immobilising a country," says Mr Doo.
Destroying that data wreaks havoc. Without official records to prove one's identity, the administrative system of a country collapses.
Being able to do this remotely, simply wiping the data through cyber sabotage, would produce the same outcome but without mass bloodshed.
However, the consequences and human reaction of such an attack are difficult to predict. Imagine a city without electricity, water, communications or records- and with a defunct banking system and traffic control centre. A city, or even an entire country, would be in chaos.
Everyday life relies on technology and the internet connection , and while this has helped to drive efficiency, it also creates unprecedented levels of vulnerability.
"The problem with cyberwarfare is ultimately people will [suffer] and that will make it warfare. Shutting down a state's ability to communicate, for example, is an act of warfare," says Mr Karasik.
Mr Kaspersky has asked for global cooperation from both the enterprise and government sectors to help to prevent cyber attacks, but if nation-states are masterminding this new method of war, it is unlikely many would be willing to cooperate.