Few types of cyber-attack create more of a fear factor than advanced persistent threats, given that they involve infiltrating a network and remaining undetected for long periods.
The aim of these attacks is typically not to bring down the target organisation’s systems like in a ransomware attack.
Instead, the attackers are keen, over an extended period that can easily run into months, to ensure that the victim organisation does not even know they are there.
The attackers steal data, something that may have serious consequences for the organisation that falls victim.
There can be few more damaging things to a healthcare company, for example, than having patient records stolen by cybercriminals.
Frequently zero-day or near zero-day malware, namely unrecognised malware that does not raise any red flags, is used.
Often advanced persistent threats (APTs) have been carried out by state-sponsored actors, with China, Iran, Russia and the United States, among others, thought to be involved.
But the motivations of the attackers may be economic as well as political, and companies in an array of sectors are targeted.
It is of particular concern to firms in the Middle East that the dwell time – the period during which the attackers infiltrate a system without detection – in Europe, the Middle East and Africa (EMEA) is a long one.
According to the M-Trends 2019 report from the cybersecurity company FireEye, the median dwell time in EMEA was 177 days in 2018.
The Asia-Pacific (APAC) figure was slightly higher, at 204 days, but in the Americas, the median dwell time last year was much lower, at 75.5 days.
Fortunately, dwell times are now much lower than they used to be – the worldwide median figure in 2011 was 416 days – but it remains almost six months in EMEA, which is much higher than today’s global average.
This makes newly published research on the factors that can cause APTs in the UAE all the more relevant.
Dr Mathew Nicho, an assistant professor at the College of Technological Innovation at Zayed University in Dubai, has co-authored a study, entitled, “Dimensions of ‘Socio’ Vulnerabilities in Advanced Persistent Threats,” that was submitted to a conference this year.
You can read upto 3 premium stories before you subscribe to Magzter GOLD
Log-in, if you are already a subscriber
Get unlimited access to thousands of curated premium stories and 5,000+ magazines
READ THE ENTIRE ISSUE