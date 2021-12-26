



Ashraf Koheil, Director of Middle & Africa Business Development at Group-IB, said in a conversation with CNME editor Mark Forker that security solutions and service providers have a complete platform for cybersecurity. ..

Group-IB’s Ashraf Koheil has been in the Middle East for over a decade and has built a reputation as a leading thinking leader within the cybersecurity ecosystem.

Prior to being appointed Regional Director of the Middle East and Africa at Group-IB, Koheil held senior positions at Microsoft and FireEye.

At the recent Virtual Summit hosted by Group-IB, we began by discussing some of the findings from a comprehensive report investigating new threat actors and global fraud.

Some security analysts claim that the UAE and other GCC countries are more vulnerable to cyber attacks than other developed countries. According to Koheil, the United Arab Emirates was a victim of its own success.

When it comes to cyberattacks, it is no exaggeration to say that the UAE is more targeted than the rest of the region. The main reason for this is the fact that the UAE leads in so many areas of technology and innovation. EXPO 2020 is a great example of such visionary leadership that drives new innovations. However, as we know, threat actors follow the noise and become the hub of major brands. It’s not easy to say that the United Arab Emirates has been chosen, but it’s certainly a big attraction just because UAE is a leader in innovation and digital transformation, Koheil said.

Koheil also emphasized that when a company embarks on a major transformation project, there is always the unavoidable risk that some companies will be delayed, which will pave the way for fraudsters and cybercriminals. ..

We know that the United Arab Emirates is leading innovation, and in many respects other companies, as they always set business standards high in terms of the necessary transformations. It is inevitable that some companies will be late, such as larger companies, for example, because they will be able to comply faster than SMBs, making it easier for threat attackers to target some companies. Said Koheil.

Another interesting statistic that emerged from the report is that over 130 well-known and popular brands have been victims of spoofing attacks. According to the recently published Part 5 of the Group-IBs report, HI-TECH CRIME TRENDS 2021/2022 Scams and Fishing: The epidemic of online scams, another popular trend scam, has been specially targeted. The use of links. Specific victim. Group-IB Digital Risk Protection Analysts have documented the existence of this targeted fraud in more than 100 countries around the world, including the GCC region. The user receives a rogue, unique link customized for the victim. It uses the potential victim’s unique parameters (country, timezone, language, IP, browser, etc.) to display content related to fraudulent pages. Targeted links most often lead to websites that contain infamous research. Fraudsters often promise big prizes by completing an investigation. However, upon completing this survey, the user will be prompted to enter personal or payment data in the form. This data will be sent directly to the scammers. It’s very difficult to detect and remove because scammers create targeted links customized for specific users and hide the content from users who try to follow it without specific cookies. ” Mr. says.

Again, Koheil outlines how hackers are clever in monitoring which entities are embarking on large-scale marketing campaigns to re-exploit unsuspecting end users. Did.

Brand equity is very important. That huge amount of money, and that’s the majority of a company’s market capitalization. Looking at the marketing investments made by the largest brands in the Arab Emirates, whether they are telecommunications providers, retailers or airlines, fraudsters are aggressive in all media available to businesses. Advertising inevitably makes noise and attracts the attention they want from the consumer’s point of view, but the negative consequences of marketing campaigns are to warn potential threat actors. is. The company sends the offer directly to the customer. If you receive 5 offers as a consumer, you don’t know whether the 6th or 7th is a scam. This is why so many people are sacrificed because they can only be identified by the brand logo. Koheil said for these types of attacks.

In terms of what can be done to counter and thwart brand spoofing attacks in the future, Group-IB executives will find a combination of better cyber education and a responsible approach to digital risk mitigation for well-known brands. I think it will be a good remedy. Because of the problem.

A key element in stopping brand spoofing attacks is cyber education. Fraud thrives on lack of information and silence. You need to better communicate with consumers about the trend tools used by scammers and educate them on how to find them. From a corporate perspective, you need to make sure that your marketing campaign complies with the safe guidelines in place. Banking providers, for their honor, never ask customers for their personal information when they are marketing, and companies continue to send these messages when they start their marketing strategy. Always states that it needs to be strengthened. Finally, users alone can do almost nothing about the spread of fraud. Enterprises need to focus on monitoring and stopping fraudsters across their infrastructure, rather than blocking individual violations. It is important to gather knowledge about their evolving plans, tailored to target specific entities, investigate violations, and bring perpetrators to trial with law enforcement agencies, Koheil said. Said.

Over the last 12 months, we’ve seen some notable ransomware attacks that have had devastating economic impacts on targeted people.

The economics of modern ransomware attacks are far from the first ransomware attacks on banks that were $ 189. This is because Koheil pointed out that the average ransomware attack on banks last year was $ 1.25 million.

According to Group-IB’s HI-TECH CRIME TRENDS 2021/2022, data related to 2,371 companies was released on Ransomware DLS (Data Leakage Site) in the first half of 2020. This is an unprecedented 935% increase compared to the previous review period. , When data on 229 victims was released.

In the Middle East, by 2021, at least 50 organizations have been prey to ransomware attacks so far. By comparison, in 2020, data from 27 companies in the Middle East were published on DLS. This is an increase of 85%.

When asked for his view on the opinion that businesses should never pay the ransom, he agreed, but often said it wasn’t that black and white.

I agree with the assertive answer that you shouldn’t pay the ransom, but there are various scenarios that make it very difficult to determine the business situation. In my opinion, ransomware is like crying with spilled milk. There are many simple features and features today to support and prevent ransomware. However, if you say you don’t pay the ransom, you need to explain why. Looking at the threat situation today, ransomware is like Facebook for organized crime. Unfortunately, I was attending a meeting with a client and revealed that if I was hit by a ransomware attack, I would probably pay for it, so I wouldn’t invest in security infrastructure. That’s clearly the wrong approach. The question companies need to ask themselves is what they can do to prevent attacks. Cohail said.

In terms of what companies need to do to enhance security services, Koheil laments the fact that many companies believe that having the best technology protects them from cyberattacks. I did.

Many organizations think it’s because they have the latest technology, best-in-class solutions, or the most expensive firewalls that are protected, but they don’t. There are three important factors that a company needs to consider. We know that technology is important, but even if it works with a 99.9% chance, there is always a 0.1% risk of failure. Next, check the required skill sets within your organization to make sure there is a transfer of knowledge. This allows these teams to secure the best pilots for the planes they have invested in. The last piece is the escalation itself. Escalation, efficiency, and KPIs need to occur through continuous security fire drills, Koheil said.

Regarding what sets Group-IB apart from other security vendors, Koheil believed that the combination of knowledge transfer efforts and product lifecycles set it apart from its market rivals.

Group-IB has a complete platform. We are not a firewall company. We have a very special set of surgical solutions that move your environment from good to great. We are probably one of the few companies whose greatest mission for all services is the transfer of knowledge. Knowledge transfer is very important to us. For example, if you’re dealing with an incident with a client, you’ll spend the next two days on incident response training, something that no one else in the market is doing. I think another important differentiator for us is the product development life cycle. It’s very impressive. There is no quarter without adding new features to the product. Feedback from clients can also help enhance that, Koheil said.

