ABU DHABI // The Middle East is the battleground of the most complex cyber attacks in the world, an industry expert says.
In the past two years no less than five complex cyber attacks have affected critical national infrastructure sites around the Gulf, said Dan Jeffery, head of the commercial sector at Detica, a subsidiary of the British defence, security and aerospace company BAE Systems.
"The reported attacks are only the tip of the iceberg," said Mr Jeffery in a lecture yesterday at the three-day Technology, Aerospace and Cyber Security Expo at Khalifa University.
"There are many more unreported attacks that are kept under wraps to keep reputations intact and even more undetected ones."
In August, Qatar's RasGas, one of the world's largest producers of natural gas, and Saudi Aramco were victims of complex cyber attacks by a group calling itself the Cutting Sword of Justice.
"Such threats can come from individual actors, organised crime groups who seek financial gain, patriotic groups who are not state-sponsored, state-sponsored groups and ideological groups like the Cutting Sword of Justice," said Mr Jeffery.
The viruses, also known as malware, are designed to steal secrets, wipe data, shut down corporate computers and even sabotage nuclear power plants.
In June 2010, the Stuxnet virus shut down centrifuges at Iran's Natanz uranium-enrichment plant. And in September last year, the Duqu stole data for surveillance.
"Such a virus deletes itself and is untraceable," Mr Jeffery said.
The Mahdi trojan, which has affected the UAE this year, records keystrokes, screenshots and audio and steals text and image files.
It has infected computers primarily in Iran, Israel, Afghanistan, the UAE and Saudi Arabia, including systems used by critical infrastructure companies, government embassies and financial services firms.
"According to a Booz and Co report, the UAE is ranked first in the Middle East and North Africa in regards to cybersecurity infrastructure," said Mr Jeffery.
"However, what is needed is to keep feeding the manpower in the cybersecurity field by educating more Emiratis in it to keep track of this rapidly growing and evolving threat."
BAE Systems is looking to partner with UAE universities and firms to help increase expertise locally, said Simon Jewell, a senior executive at the company.
"We recognise that you have to look at the educational skills and knowledge and to develop a relationship to encourage people to develop further in these areas of technology," Mr Jewell said. "This is the first meaningful experience between Khalifa University and BAE Systems and we hope to see more activities in the future in the UAE."
[ amustafa@thenational.ae ]
