Sunday, May 19, 2024

150K+ Networking Devices & Apps Found Online with Critical Vulnerabilities

The “State of the UAE—Cybersecurity Report 2024,” a collaborative effort by the UAE Cyber Security Council and CPX Holding, has released the United Arab Emirates (UAE) cybersecurity landscape.

The report presents a detailed examination of the cyber threats that the nation faces, highlighting the critical need for advanced cybersecurity measures.

The report has uncovered over 155,000 vulnerable assets within the UAE, with 40 percent of critical vulnerabilities left unaddressed for over five years.

This significant number of exposed assets, combined with the rise in sophisticated cyber-attacks such as ransomware, underscores the urgent need for robust cyber defenses in a region known for its AI-driven technological advancements and geopolitical importance.

Ransomware and Data Breaches: A Growing Concern

Ransomware attacks account for more than half of the cyber incidents in the UAE, with the Government, Energy, and Information Technology sectors being the prime targets.

Traditional attack vectors like Business Email Compromise (BEC) and phishing are still prevalent. They are expected to evolve with the integration of AI tools, making social engineering and phishing attempts more sophisticated.

The Middle East, including the UAE, faces the second-highest data breach costs globally, indicating the economic motivations of cyber threat actors amidst the region’s prosperity, as reported by CPX.

The increase in Distributed Denial of Service (DDoS) attacks further highlights the geopolitical complexity of cyber threats.

National Call to Action by UAE Officials

H.E. Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government, emphasized the critical need for collective vigilance and strategic action to counter these sophisticated cyber threats.

He called for an ecosystem-wide proactive engagement to reduce the nation’s vulnerability.

TECHx recently tweeted about the release of the ‘State of the UAE—Cybersecurity Report 2024’, which illuminates potential security weaknesses and the importance of a proactive approach to combating cyber threats.

Hadi Anwar, Executive Director of Strategic Programs at CPX, pointed out the economic vulnerabilities highlighted in the report and called for a unified approach to strengthen national defenses.

He stressed the importance of adopting advanced technologies, fostering a culture of cyber awareness, and building resilience.

Strategic Guide for Cyber Resilience

The report, compiled by a consortium of cybersecurity experts, serves as a strategic guide for government entities, businesses, and individuals.

It provides actionable insights to navigate the complexities of the digital era and outlines key best practices to mitigate cyber risks:

  • Implement Endpoint Detection and Response (EDR): This is essential for identifying and mitigating threats and ensuring visibility across digital assets.
  • Establish a 24/7 Security Operation Centre (SOC): Vital for continuous surveillance and management of cyber incidents.
  • Leverage Cyber Threat Intelligence: Crucial for anticipating and neutralizing emerging threats through informed decision-making.
  • Create and Implement an Incident Response Plan: Fundamental for preparedness and swift action during cyber incidents.
  • Adopt Proactive Threat Hunting Processes: A forward-looking approach to identify and mitigate hidden threats, enhancing security posture.

As the UAE continues to lead in digital transformation, the report underscores the need for a concerted effort from all sectors to ensure the resilience and security of the nation’s digital landscape.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Website

Latest articles

Hackers Exploiting Docusign With Phishing Attack To Steal Credentials

Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make...

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that...

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices,...

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine,...

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers...

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information...

Russian APT Hackers Attacking Critical Infrastructure

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated...
Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles