Cyber attacks are a growing problem around the world, and the United Arab Emirates has so far experienced on average 40 percent more attacks weekly in 2021 compared to 2020. According to Check Point Research, the country has seen roughly 311 weekly attacks per organization this year alone. To combat the growing number of cyber threats coming from nation states and independent cybercriminal groups alike, the Central Bank of the UAE (CBUAE) has announced the establishment of the CBUAE Networking and Cybersecurity Operations Center.
The main objective of the new Cybersecurity Operations Center will be the protection of the critical infrastructure that enables UAE’s financial sector to operate.
“In line with the CBUAE’s overarching vision, the CBUAE Networking and Cybersecurity Operations Center will strengthen the UAE’s monetary and financial systems,” said Dr. Sabri Hamed Al Azazi, Assistant Governor, Support Services and Operations, and Chief Operating Officer of CBUAE. “As Cybersecurity threats become increasingly sophisticated, it is critical that we have the necessary framework to protect our financial institutions, their infrastructure, processes, and people from these challenges”.
The Cybersecurity Operations Center will be situated in CBUAE’s Abu Dhabi headquarters. Its proximity to the nation’s major financial institutions should bring better collaboration among decision-makers, helping them respond to cybersecurity threats as they emerge.
The UK technology comparison website Comparitech analyzed the cost of cyber crime in the UAE, the figure it came up with was $746 million a year. As alarming as the number may be, it doesn’t even tell the whole story because cyber crime in the region is still severely underreported by police, government entities, as well as individuals.
Hopefully, the new Cybersecurity Operations Center will help improve the resilience and preparedness of the financial sector so that the UAE can achieve sustainable economic growth.
New Variants Of Android Spyware Are Targeting Middle East Users
Sophos recommends Android users to never install apps from untrusted sources and avoid ignoring available OS and app updates.
British security software and hardware company Sophos has recently revealed that new variants of Android spyware used by the C-23 group are actively targeting users in the Middle East.
C-23, also known as GnatSpy, FrozenCell, or VAMP, is what cybersecurity professionals refer to as an advanced persistent threat (APT) adversary. Such adversaries are typically well-funded and well-organized, which allows them to quickly evolve their tactics to overcome even the most sophisticated cybersecurity defenses.
The C-23 adversary has been known for targeting individuals in the Middle East since at least 2017, with a particular focus on the Palestinian territories.
The latest variants of its Android spyware are most likely distributed via a download link sent to victims as text messages. The link leads to a malicious app that pretends to install legitimate updates on the victim’s mobile device. When the app is launched for the first time, it requests a number of permissions that let it spy on the victim. It then disguises itself to make removal more difficult.
“The new variants use more, and more varied, disguises than previous versions, hiding behind popular app icons such as Chrome, Google, Google Play, YouTube, or the BOTIM voice-over-IP service” explain Sophos. “If targets click a fraudulent icon, the spyware launches the legitimate version of the app, while maintaining surveillance in the background”.
The information the new spyware can steal includes everything from text messages to the names of installed apps to contacts from all kinds of apps, including Facebook and WhatsApp. The spyware can even dismiss notifications and toggle “Do Not Disturb” settings.
Sophos recommends Android users to never install apps from untrusted sources and avoid ignoring available OS and app updates. The company’s own mobile antivirus app, called Sophos Intercept X for Mobile, can detect the new spyware as well as all kinds of other malicious software.