Why Ransomware Could Surge in the Middle East & Africa

Why Ransomware Could Surge in the Middle East & Africa

November 29, 2023 at 12:07PM

Recent data indicate that cyberattacks, particularly ransomware, are intensifying in the Middle East and Africa due to geopolitical conflicts. South Africa experienced a sharp rise in attacks, whereas the UAE saw a decline following international efforts. Israel and its conflict with Palestinians are likely catalysts for further escalation. While cybercrime data in the region is limited, two-thirds of attacks target Israel, UAE, Saudi Arabia, and Jordan, focusing on sectors like education and government. Iran-linked actors have shifted their focus to Israel, and the region is urged to enhance cybersecurity measures as threats and vulnerabilities in digital infrastructures increase.

**Key Takeaways from Meeting Notes:**

1. **Impact of Geopolitical Tensions:**
– Cyberattacks, including ransomware, are expected to increase in the Middle East and Africa (ME&A) due to ongoing geopolitical conflicts.
– Similar to the cyber escalation observed following Russia’s invasion of Ukraine, tensions between Israel and Palestinians are likely to spur more cyber operations.

2. **Ransomware Trends:**
– South Africa experienced a significant increase in ransomware attacks, with 78% of companies affected in 2023.
– The UAE saw a 70% reduction in ransomware attacks in 2022, attributed to enhanced international cooperation.
– Comprehensive data on ransomware attacks in the region remains scarce.

3. **Notable Ransomware Data:**
– The “State of Ransomware 2023” report by Sophos highlighted that attacks in South Africa jumped from 51% to 78% of companies between 2022 and 2023.
– Microsoft’s “Digital Defense Report 2023” points out that the top four ransomware families accounted for 65% of all ransomware encounters.
– Blackcat ransomware specifically targeted Israel.

4. **Cyberattack Targets in ME&A:**
– Two-thirds of cyberattacks in ME&A target Israel, the UAE, Saudi Arabia, or Jordan.
– Primary sectors hit are education, government, IT, and communications.

5. **Iran-Linked Cyber Activities:**
– Shift in focus from US to Israel by Iran-linked actors from July 2022 to June 2023.
– Iran’s cyber-enabled influence operations aimed at various geopolitical objectives.

6. **Role of Russian Interests:**
– Russia may be influencing a reduction in ransomware activities in ME&A due to its own interests in the region.

7. **Cybersecurity Challenges and Responses:**
– Cybersecurity maturity is lower in the Middle East compared to Western regions.
– Material loss of sensitive information was reported by 65% of CISOs in Saudi Arabia and 47% in the UAE.
– Firms are increasing cyber budgets, with 77% planning increases for 2024, seeking to address digital vulnerabilities.

8. **Cybersecurity Investment and Management:**
– There is a need for Middle Eastern companies to enhance their cybersecurity measures and basic digital hygiene practices.
– Connected device and cloud threats are top concerns.
– Loss of revenue due to cyberattacks is a major worry for businesses in the region.
– Device management is crucial as over 80% of compromises begin with unmanaged devices.

Full Article