HIGH ALERT

Few types of cyber-attack create more of a fear factor than advanced persistent threats, given that they involve infiltrating a network and remaining undetected for long periods.

The aim of these attacks is typically not to bring down the target organisation’s systems like in a ransomware attack.

Instead, the attackers are keen, over an extended period that can easily run into months, to ensure that the victim organisation does not even know they are there.

The attackers steal data, something that may have serious consequences for the organisation that falls victim.

There can be few more damaging things to a healthcare company, for example, than having patient records stolen by cybercriminals.

Frequently zero-day or near zero-day malware, namely unrecognised malware that does not raise any red flags, is used.

Often advanced persistent threats (APTs) have been carried out by state-sponsored actors, with China, Iran, Russia and the United States, among others, thought to be involved.

But the motivations of the attackers may be economic as well as political, and companies in an array of sectors are targeted.

It is of particular concern to firms in the Middle East that the dwell time – the period during which the attackers infiltrate a system without detection – in Europe, the Middle East and Africa (EMEA) is a long one.

According to the M-Trends 2019 report from the cybersecurity company FireEye, the median dwell time in EMEA was 177 days in 2018.

The Asia-Pacific (APAC) figure was slightly higher, at 204 days, but in the Americas, the median dwell time last year was much lower, at 75.5 days.

Fortunately, dwell times are now much lower than they used to be – the worldwide median figure in 2011 was 416 days – but it remains almost six months in EMEA, which is much higher than today’s global average.