In response to the cyber boss, the Center East is going through a "cyber pandemic" as Covid exposes safety gaps


DUBAI, United Arab Emirates – The Middle East region is facing a "cyber pandemic" this year, with Covid-19 attacks skyrocketing, according to the UAE government's chief cyber security chief.

"As we entered a full online life, we saw a tremendous increase in many of these attacks," said Mohamed al-Kuwaiti, head of cyber security for the United Arab Emirates government, a CNBC-moderated panel at Gulf Information Security Expo and conference in Dubai on Sunday.

The UAE saw "at least a 250% increase" in cyberattacks this year, Al Kuwaiti said, as the pandemic forced organizations around the world to rethink the way they operate, and hackers and malicious actors took advantage of increasing digital adoption.

"There's a cyber pandemic, not just a biological pandemic," he said.

Al Kuwaiti also said the UAE was the target of "major attacks" by "activists" against the UAE after establishing formal ties with Israel in August.

"The financial sector has been one of the hardest hit areas, as has the health sector," said Al-Kuwaiti, ignoring the nature of the incidents in the UAE or their success.

The comments provide an overview of the increasingly challenging cybersecurity environment in the United Arab Emirates and the Middle East, where security breaches and attacks are widespread, often undetected, and often government sponsored.

Al Kuwaiti said a variety of sources were responsible for the attacks. "We see it from all over the region, but one is Iran," he said, reflecting the ongoing tensions in the region. Iran has also said that it has been a victim of hacking. The Iranian Foreign Ministry and the Iranian Mission to the United Nations did not respond to a request from CNBC for comment.

When asked what type of attacks were the most common, Al Kuwaiti said "phishing" and "ransomware" were becoming more sophisticated and common. A phishing attack occurs when a cybercriminal disguises himself as a legitimate person or company in order to voluntarily extract confidential information from a victim. Ransomware occurs when a hacker blocks access to a victim's files and then demands payment to restore access.

New research from multinational cyber security firm TrendMicro has shown that critical public infrastructure and government IT systems have become a major focus for hackers around the world, with ransomware being their weapon of choice.

"Current malicious actors have chosen to demand higher ransom demands from targets that are more likely to pay, such as healthcare companies and local governments," the report said.

Al Kuwaiti said the UAE had set up a new National Council on Cybersecurity to develop policies and laws to strengthen cybersecurity and ensure the country is not vulnerable to the types of attacks that could easily affect its society, government or business .

"The UAE has gone through a whole digital transformation," he said. "Our leadership's vision is to build on this transformation."

The lifting of the WhatsApp ban is still being examined

Al Kuwaiti said discussions are ongoing about lifting the ban on some Voice over Internet Protocol (VoIP) services in the UAE, such as WhatsApp and FaceTime calls.

"WhatsApp has been open for a certain portion of the time and has been used for some testing in collaboration with WhatsApp itself. There are some regulations that they still have to comply with and they are working on them," he said. He did not elaborate on those regulations.

"We are optimistic in 2021," he added.

Popular services such as Microsoft Teams, Zoom and Skype for Business are now activated and enable remote working and learning. However, WhatsApp and Facetime remain blocked for voice and video calls. This means that residents usually have to use paid services from one of the state telecommunications providers, Etisalat and Du.


Katherine Clark