Security Operation Center (SOC) Experts
08.04.2019
An international company specialising in preventing cyberattacks, Group-IB, has detected nearly 140,000 compromised banking cards issued by the GCC banks’ and identified compromised credentials of 7 306 users from the Gulf countries in 2018 alone.
The international company, Group-IB, along with Bahrain-based global system integrator, NGN International, recently analysed cyber-security landscape of Gulf countries in 2018. In 2018, Gulf countries including Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates (UAE) came under the spotlight of cybercriminals increasingly often.
The Group-IB Threat Intelligence team detected a total of 138 978 compromised cards issued by Gulf countries’ banks. The data is the result of analysing not only underground forums and phishing websites, but also cybercriminals’ infrastructure and malware disassembling.
“Our team continuously analyses compromised cards data all over the world. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8 million payment cards were uploaded to card shops monthly,” he added.
CEO of NGN International, Yaqoob AlAwadhi stated that, from 2017 to 2018, cybercrimes aimed at financial thefts increased significantly with cyber-criminals largely exploiting software vulnerabilities through phishing mailings and hacked legal resources. “The attacks lately have evolved a lot as attackers are beginning to use artificial intelligence and machine learning to bypass the defense, attempting what is known as ‘low-and-slow’ attacks,” explained Mr. AlAwadhi.
“What is important is that successful struggle with such cyber-attacks is possible. It is extremely important to react to them in time and correctly, as well as to build a competent comprehensive protection system in advance,” he added.
With the advent of IoT technologies, big data and machine learning, attack tools become more advanced and encompass several information systems and resources. “Attacks on state information systems and resources, and resources of individual enterprises and industries, can lead to negative consequences for the economy of the country, while affecting the health and lives of people,” he stressed.
“Hence, the task of preventing information security incidents for critical information infrastructures should be addressed at the legislative level. NGN International offers customers a comprehensive approach to protecting information infrastructure: from protecting important critical information infrastructure objects to round-the-clock monitoring of security incidents based on Group-IB solutions,” stated Mr. AlAwadhi.
Group-IB Threat Intelligence team also identified leaked credentials of 7,306 users from the Gulf countries in 2018, among which the company experts discovered 1 227 compromised credentials from government resources in Bahrain, Oman, Kuwait, Qatar, the UAE, and the Saudi Arabia. Upon identification of this information, Group-IB CERT reached out to region’s government CERTs to inform about the threat.
“It is important to highlight that credentials were not leaked from government systems, which are most likely safe and secure, but from the individuals who used them for personal purposes,” said Mr. Kalinin.
“However, with the credentials from government websites, hackers can not only obtain classified information, but also infiltrate government networks and maintain presence while remaining unnoticed for long periods,” he explained.
Regularly updated Group-IB Threat Intelligence system allows to get actionable information about data leaks, compromised accounts, information about malware, infected IPs, and existing vulnerabilities across the world. Group-IB collects and analyses large amounts of unique and proprietary information to deliver tailored, trusted and actionable intelligence to predict risks, while preventing and mitigating any targeted attacks.
