Top Stories
Top Stories
Cybersecurity

Cyberattacks in the Middle East are on the rise. Here's who they're targeting

Key Points
  • Cyberattacks in the Middle East are on the rise, and many of them are targeting the oil and gas sector, according to a new report from cybersecurity firm DarkMatter.
  • Earlier this year, DarkMatter was hit by allegations that it was linked to a surveillance and hacking operation carried out for the UAE government.
An illustration of a hacker working at a laptop.
Bill Hinton | Getty Images

Cyberattacks in the Middle East are on the rise, according to a new report.

The Middle East region, and especially the United Arab Emirates, saw a growing number of attacks in the six months leading to March this year, according to DarkMatter, a cybersecurity firm based in the UAE.

In particular, those operations targeted the oil and gas sector, telecommunications, governments and other critical infrastructure, said the firm, which recorded those incidents from October to March 2019.

"Oil and Gas in particular, a pillar of the UAE's economy that is of strategic importance to the world, faces the greatest risks," the report said.

In fact, half of all cyberattacks in the Middle East target the oil and gas sector, according to DarkMatter, which cited findings from a Siemens and Ponemon Institute report.

Cyber-espionage and sabotage are the chief motivations for groups carrying out such attacks, according to the report. Their preferred mode of duping targets is through spear phishing, a practice of sending emails from ostensibly a trusted sender in order to trick them into revealing information.

DarkMatter highlighted seven attacks in the Middle East region in the months leading to March this year.

One such attack, which came to light on January 9, was carried out using malicious Microsoft Excel documents containing politically charged content in Arabic, according to the report.

"The campaign was aimed at the government, the transport industry and educational institutions in the Middle East, using lure documents containing malicious code to extract information from its targets. The group continues to deliver politically motivated content while developing new techniques to enrich its expanding playbook," said the report.

The recent development shows a greater interest in stealing personal data, in contrast with other Iranian groups that traditionally target government and commercial information.
DarkMatter cybersecurity report

Another cyber-espionage attack in March was carried out by a group "believed to be sponsored by the Iranian government," said the report.

Its victims included telecommunications companies in Turkey, said DarkMatter. It also targeted diplomatic missions within Iran, where it "sought to harvest personal data about individuals of interest," the cybersecurity firm said.

"The recent development shows a greater interest in stealing personal data, in contrast with other Iranian groups that traditionally target government and commercial information," the report said.

UAE is an attractive target

The UAE, in particular, is an attractive target for cyberattacks, as it is one of the most digitally connected countries with a high smartphone adoption rate, said the report.

"Every government ... (will) have to protect the sovereignty of their data and communications. You should not take this for granted," DarkMatter Chief Executive Karim Sabbagh told CNBC on Monday.

Earlier this year, DarkMatter was hit by allegations that it was linked to a surveillance and hacking operation carried out on behalf of the UAE government — called Project Raven.

VIDEO3:0503:05
Darkmatter CEO: We do not spy on UAE citizens

According to Reuters, which published an in-depth investigative report in January, DarkMatter was allegedly contracted by the UAE government in 2015.

The project allegedly enlisted former U.S. intelligence professionals to work with Emiratis to develop highly sophisticated hacking and surveillance techniques for the UAE government's National Electronic Security Authority.

Sabbagh denied those accusations, telling CNBC on Monday: "The claim is false. The cybersecurity capabilities that we engage in are for defensive purposes only."

The Reuters report noted that the offensive cyber operations were likely not known to DarkMatter's executives and that the spying activities were highly compartmentalized.

— CNBC's Natasha Turak contributed to this report.

Each morning, the “Beyond the Valley” newsletter brings you all the latest from the vast, dynamic world of tech – outside the Silicon Valley.

Subscribe:

By signing up for newsletters, you are agreeing to our Terms of Use and Privacy Policy.