Iran continues to be a major cyber threat to the Middle East

Iranian hackers are linked to cyber attacks that targeted thousands of people at more than 200 companies globally

epa07294580 (FILE) - ILLUSTRATION - A person sits in front of a computer screen in Moers, Germany, 04 January 2019 (reissued 19 Jauary 2019). Media reports on 17 January 2019 state that a record with numerous stolen user data has been published on the Internet. The collection named Collection #1 contained almost 773 million different email addresses, more than 21 million different passwords and more than a billion combinations of credentials, according to a Australian IT security expert. Internet users shall be affected worldwide.  EPA/SASCHA STEINBACH
Powered by automated translation

Iran, which is accused of launching state-sponsored cyber espionage attacks against the Middle East in the past, continues to be a major threat to businesses and government institutions across the region in 2019.

Government and defence sectors in the UAE and Saudi Arabia – the two largest economies in the Arabian Gulf – will be the main targets, as Iran seeks geopolitical prominence, according to a report released by California-based cyber-security technology company CrowdStrike.

“Governments and businesses need to be aware of the threat and be prepared to deal with that,” said Rawad Sarieddine, regional head of CrowdStrike in Dubai.

“Our report has found that Iran, along with other actors, continues to be a destructive threat, not only within the Middle East but also to companies based in western countries that may do business or maintain infrastructure in the region,” added Mr Sarieddine.

The report found that besides Iran, countries such as Russia, China and North Korea continue to maintain a professional and experienced cyber-crime capability.

CrowdStrike’s report reviewed incidents of both eCrime and state-sponsored cyberattacks across the world. The company is also hosting a cybersecurity session at Global Information Security Expo and Conference (Gisec) that started in Dubai on Monday.

eCrime is any type of criminal activity that takes place over the internet or through mobile devices.

Cybersecurity is a significant concern for Gulf countries and a growing consideration in their defence budgets as they look to curb Iranian influence in the region.

In a survey released in January in Davos by the World Economic Forum about the top risks for businesses in the next 10 years, executives in the UAE focused on technology-related concerns including cyber attacks, data fraud and the misuse of technology.

Also in January cyber-espionage analysts told The National that an Iranian group called APT39, which was mainly targeting the telecoms industry in the Middle East, had been exposed by the US-based cyber-security firm FireEye.

APT39 is different from other Iranian cyber espionage activities as its prime focus is on stealing personal data rather than targeting traditional government and commercial information, said Benjamin Read, senior manager of cyber espionage analysis at FireEye.

“APT39’s focus on personal information likely supports the planning, monitoring and tracking of intelligence operations that serve Iran’s national priorities,” said Mr Read.

In a report published last month, tech giant Microsoft linked Iranian hackers to cyber attacks that targeted thousands of people at more than 200 companies, including some in Saudi Arabia.

Cybercrime costs reached about $600 billion (Dh2.2 trillion) globally in 2017, or 0.8 per cent of the world’s gross domestic product, according to a report by McAfee, a computer security software company, and the Centre for Strategic and International Studies based in Washington.