Qatar has become “an interesting target for cyber crimes” ranging from malware, phishing, defacement of websites and distributed denial-of-service (DDoS) attacks, an official of the global computer security software company, McAfee, has said.
“Qatar has been targeted recently by a diversity of attackers, ranging from individuals to groups with political motives,” said Christiaan Beek, director of Incident Response and Forensics EMEA (Europe, Middle East and Africa) McAfee.
One of the reasons he cited was that the average income of people in the country remained to be the highest in the region.
Qatar, like other nations in the Gulf region, is prone to cyber attacks aiming to get people’s banking information.
“Malware is targeting the financial sector in the Gulf region, including Qatar. Some of them are pretty clever and produce pop-up screens where the user has to fill in his or her mobile-number to get a one-time-password,” he said.
With their build threat-intelligence system, the McAfee team could identify various cyber attack patterns and trends, Beek said.
He called for more interaction between regional Computer Emergency Response Teams (CERTs) and companies like McAfee for information sharing in a bid to effectively fight cyber crime.
Beek said they investigated and supported customers who might have been hit by malware outbreaks, hacking incidents and DDoS attacks. Besides incident response and forensic work, they also provided global and regional threat intelligence to chief information officers about imminent threats.
McAfee teams have been successful in identifying people behind many attacks on financial institutions but he could not divulge the details because of confidentiality.
About online banking, he felt it was as safe as giving one’s credit card to the waitress of a restaurant. But he advised users to always check bank statements for any suspicious transactions.
He stressed that the cost of safety was hard to express. Giving an example, Beek said: “What would it cost a company if 100 computers were infected by malware and stop working? At least 100 employees cannot work for a certain time, IT-staff are scrambled on rebuilding the computers, an IR team is investigating the root cause, etc.”
“Incident Response and Forensics are keys to lower the impact of an incident. If your team reacts to a malware incident within 30 minutes versus no incident response, what would be the difference in impact? Within 30 minutes, the incident could have been isolated and contained and impact for the business: little to zero.”
He said: “Without incident response capacity, the malware incident could result in an outbreak where the impact on the company involved would be huge. Determining the root-cause will help prevent future related-incidents by adjusting the process, training people or adjusting the technology used.”
Beek reiterated that technology was not the main solution for the threats. “Many companies believe they can buy safety from a box.”
Some of his suggestions included finding the right balance among people, process and technology that would help defend and react against threats.
“Having a vision and programme on information security is the key,” said Beek.