x Abu Dhabi, UAETuesday 23 January 2018

Vigilance key to reducing internet cyber attacks in UAE

One bank in the region lost $10 million in an email scam recently, while ATM users were warned of card fraud. The country must be on the alert and invest in research into online crime, experts say.

Every hour of every day, ruthless online criminals are devising new ways to exploit the internet to steal money from individuals and businesses. Meanwhile, groups of politicised hackers are plotting devious attacks on the critical IT infrastructure of government and financial institutions.

All evidence suggests that cyber crime - a broad term that encompasses illegal activities such as online scams, phishing, hacking and unleashing computer viruses - is on the rise, is hugely profitable and is being perpetrated by well-organised groups.

In fact, according to Norton, the software security company, the global cost of the problem was $114 billion (Dh418.8bn) in 2011.

The UAE is not immune to the phenomena. Only last December, the US Embassy warned its citizens in Abu Dhabi to be wary of using ATMs because of card fraud fears. In 2008, HSBC advised customers to change their PIN numbers after suggestions that many accounts had been compromised.

Yet commercial and governmental institutions are fighting back by bolstering their IT defences and improving their investigative and forensic capacities.

At the vanguard of this mission is the Advanced Cyber Forensics Laboratory at Zayed University in Abu Dhabi.

The facility is run by Dr Ibrahim Baggili, a lecturer in digital forensics, the branch of computer science that deals with the recovery of evidence from electronic devices. Many of his students are police officers, who then take their expertise directly into the field. "The UAE is under continuous threat from cyber crime," he admitted, "and it is on the rise, but that's the case everywhere in the world. However, people do see the UAE as a wealthy place with lots of money and when somewhere is seen as rich, everyone will want a piece of it.

"The UAE is considered the business hub of the Middle East. A lot of people come here to do business and a lot of transactions are conducted over the internet. That's why banks here need to be extra cautious."

Baggili believes the relatively low crime rate in the UAE compounds the problem.

"People do feel safe here and maybe get complacent, but people all over the world feel safe when using the internet so this is an international, rather than a local problem," he added.

"The reason cyber crimes happen is that there are bad people out there. It's as simple as that. In the past, a lot of countries focused on organised crime. Really, the emphasis should be on stopping cyber crime, because there are new organised crime groups who focus entirely on this medium."

The susceptibility of banks to these attacks was confirmed by Geoff Brooks, regional manager of AccessData, a US software company that specialises in digital forensic investigations. His company has provided Zayed University with access to their products to give students insight into cyber-security technologies.

Brooks believed one such incident typified the risks. "We went to see a bank in the region that was the target of a sophisticated attack," he recalled. "The attack came in through an email which someone clicked upon. They were playing a percentage game, knowing someone would probably open it. It then ran a piece of malicious code in the background that then gave the attacker administrator privileges on that computer. They were then able to take over that machine and start propagating the network. The next thing they knew, that bank had lost $10 million and, if someone hadn't spotted it, it could have been a hell of a lot more."

And this kind of fraud is not uncommon, he added. "A lot of these attacks do go unreported. I mean, would you continue banking with your bank if you knew that they had just had $10m stolen from them?"

Despite the severity, both Brooks and Baggili asserted that the UAE was no worse for cyber crime than anywhere else in the world. Brooks cited the recent case of the Royal Bank of Scotland in the UK, in which a so-called "glitch" shut down its payment processing facility, leaving thousands of customers unable to access their accounts or make transactions.

Brooks said: "The bank is still investigating what's happened, but with many internet banking transactions, the money has not appeared in the destination account and the money is unaccounted for.

"They're claiming it was a software upgrade. Maybe this was the case, but time will tell what really happened. From my experience, software upgrades are managed in totally different ways."

So, what can be done to repel the criminals? Baggili believes everyone needs to be more vigilant. He cited the recent hacker attack on the professional networking website LinkedIn in which millions of passwords were stolen and then posted online.

"This was just down to poor safety measures. It could have been easily averted," he stated."They were just careless in the way they implemented the way passwords were stored on their server.

"It's not that these criminals are geniuses who are doing stuff that is way ahead of us.

"We know about a lot of the things that they're doing, it's just carelessness is letting them take advantage." Brooks agreed that negligence was often the cause.

"I've had the IT guys for some organisations say 'our anti-virus hasn't picked anything up for two years and we're as clean as a whistle'. Really, no alerts should raise some red flags, because the stuff is out there."

Baggili also believes changes in policy are essential in their battle. "Although we do have federal laws against cyber crimes, these need to be tightened because technology is always changing. [The UAE's] present laws were drafted in 2006, and there are gaps.

"Also, I believe not enough money is being spent on research. In order to really counter the problem, you have to spend money on it to find out what the problem is and how to resolve it.

"This is one thing we find in academia in this country; the research is very limited and not very well structured. Although I think the government is beginning to realise that this needs to change."

In the aftermath of an attack, having an effective digital research facility is essential in both bringing the perpetrators to justice and preventing it from happening again.

Brooks said: "Often [the victim] doesn't know how the perpetrator got in or what was stolen so they ask for a forensic investigation to take place.

"They can then build the capacity to defend against such things in the future, and also, if an incident does take place, seize evidence in a forensically sound manner, analyse the evidence and take action on it."

But in reality, both experts were resigned to the fact that damage limitation, rather than complete eradication of online crime, was the ultimate goal.

Baggili said: "We're always fighting fire when it comes to cyber crime. There will always be murderers and other people doing bad things so the aim can never be to entirely wipe it out, because that isn't realistic. Instead, you have to try to mitigate it and catch those who perpetrate it."

Hugo Berger is a features writer for The National.