With increasing tasks – leisure, administrative or professional – happening from the convenience and assumed safety of your own home, it has become critical to not take internet safety for granted. The average household has eight devices, and with COVID inciting a professional and personal lifestyle overhaul, an already digitally-integral life was thrust at exponential speed into a digital overhaul.
This came at a big price: as cyber security awareness and operational systems were playing catch-up, rather than being one step ahead of increasingly aggressive and sophisticated attackers. As phishing and stolen user credentials have moved to top threats – with up to 67% of attacks targeting remote workers – rapid digitalization has proven a veritable goldmine for malicious intent.
While the diehard security conscious will refrain from partaking in social media platforms or even sharing any personal information over email, this may not always be the most practical, or realistic, way forward. But there are solutions. Straight from the mouths of internet security specialists, here we share the three main digital threats right now for professionals and private individuals and five attainable tips on making sure your “cyber hygiene” is in tip top shape to keep yourself, your data, and your company, safe.
As of 2021, the Middle East ranks second highest in average data breach cost, with the UAE and KSA topping the most costly – averaging $6.93 million per breach as compared to a global average of $4.24 million – and hardest to contain the following pandemic-induced changes. The region was already embracing accelerated digitalization prior to the pandemic. Combined, the vulnerability to attacks increased. While not a geographically-specific issue – PwC 24th Annual Global CEO Survey of 5050 CEOs showed that in 2021, cyber threats represented the #2 extreme concern, and 72% of UK organizations reported cyberattacks due to the technological vulnerabilities when adapting to work-from-home set ups – it does indicate that those using devices in the MENA region ought be especially conscious of continuously self-educating and improving cyber security awareness to help reduce risks.
COVID accelerated a global digital transformation towards permanent remote work set ups; attackers have leveraged this, going so far as to create COVID-related incidents, such as deploying fake PCR results to spread malware.
- Credential phishing
User credentials are everywhere – ecommerce platforms, online banking, email, social media. This social engineering attack – 96% of which are in email format – extracts that information through impersonation (of a login page, a website, a brand email, etc) wherein the unknowing victim provides information, transfers money or downloads malware. This information is then used for BEC attacks, to steal personal or company data, for identity fraud, to conduct fraudulent transactions, or sold on the dark web.
Malicious code or malware used to lock or encrypt data on an individual’s computer where it is held ransom for monetary extortion. Since the 1980s, it has become increasingly prevalent and experienced a surge during the pandemic, amounting to 10% of all breaches, with some attackers relishing the chaos and disruption it causes to individuals as well as critical sectors such as food industries, governments or hospitals.
- Business Email Compromise (BEC) scams
One of the biggest money-makers, hackers impersonate company identities and send phishing emails to a well-researched and specific single individual, whereby that person then unwittingly ends up transferring funds to the wrong recipients. It is a major pain point for companies, and it is a billion-dollar problem: FBI reports indicate that BEC scams cost companies worldwide over $26 billion between 2016-19.
Internet security exists in a human-oriented, human-touch based space, and therefore a 100% safety guarantee is impossible given the threat landscape is continuously evolving. However, with agile and proactive mindfulness, along with quick, informed responses, risks can be cut by more than half.
- Back it up. Regularly back up your data andnever pay ransomware.
- Examine requests. Even if from familiar or innocuous sources – friends or delivery companies, for example – urgent asks for monetary transfers or personal data necessitates calling the individual or company to verify first.
- Check the details. Avoid clicking on unfamiliar or “off” seeming emails, websites, or SMS messages. Here, the small details matter.
- Educate yourself. Invest in the security solutions from leading internet security providers and update and patch your software.
- Turn on multi-factor authentication. It makes you over 90% less likely to be hacked.
The common thread of all attacks is the user: they are the sole source that activates the attack. 85% of breaches involve a human element. When users are aware of the signs of risks, they are less likely to occur.
So, think twice before you click.
About The Editor
Katrina – arts, culture and lifestyle writer and editor (BFA Fine Arts, Parsons the New School for Design; MA Contemporary Art, Sotheby’s Institute of Art) – has lived in 16 countries and written for a multitude of prestigious publications in the MENA region. Based in Dubai, Kufer is interested in observing new environments and exploring cross and inter-cultural connections.