Kaspersky shared the developments in the Middle East, Turkey and Africa (META) region and the worldwide digital threat environment at the Cyber Security META 2023 event, which was held for the 8th time this year in Kazakhstan. Kaspersky experts shared their insights on the biggest cyber threats specifically targeting governments, businesses and industrial organizations and the trends that will affect the cybersecurity landscape in the future.
Incredible increase in Trojan Horse attacks on banks in Turkey!
Artificial intelligence, the impact of corporate data on the Darknet, the risks of deepfakes and industry-specific critical threats were among the topics discussed at the event. Also of interest was the information shared about Kaspersky’s “Cyber Immunity” approach, which opens up a way to create solutions that should not be compromised and that minimize the number of potential vulnerabilities.
The cyber threat landscape continues to evolve. There are many factors to consider, such as cloud security breaches, whose risks will continue to increase in 2023. There are also growing concerns about the security of IoT devices. Attackers will target IoT devices to access users’ personal data and networks.
Crypto fraudsters at work: Trabzonspor hacked!
Trabzonspor YouTube account hacked. Images of Elon Musk from the past period are shared like a live broadcast. Here are the details…
There will also be an increase in artificial intelligence-assisted cyber attacks. Attackers will use machine learning algorithms and other artificial intelligence technologies to identify vulnerabilities and launch more sophisticated attacks. Supply chain attacks, which are becoming more and more common, will continue to increase in 2023. Attackers will target third-party vendors and suppliers to gain access to their customers’ networks and data.
Head of META Global Research and Analysis Team (GReAT), Dr. “Given the rapidly expanding limits of the threat landscape and the ever-increasing number of new digital devices, it is not surprising that we detect more than 400,000 malicious files per day, and that number is increasing every year,” says Amin Hasbini.
It is critical that individuals, businesses and governments implement strong cybersecurity measures to protect their systems and data from these evolving threats, take precautions against emerging threats, and follow the latest security trends and best practices and take proactive measures accordingly.
Gradual increase in phishing attacks
Kaspersky, which delves into social engineering cyber attacks, shared information about the most common phishing attacks in the META region. Comparing the first quarter of 2022 with the first quarter of 2023, it is aimed at users in Egypt (49%), UAE (33%), Qatar (88%), Oman (28%), Kuwait (27%) and Bahrain (20%). Increases in phishing attacks have been detected.
On the other hand, phishing attacks in Saudi Arabia saw a slight decline of 1% in the first quarter of this year compared to the same period of 2022. In the African region, phishing attacks increased in South Africa (7%), Nigeria (53%) and Kenya (87%) in the first quarter of 2023 compared to the first quarter of 2022. In Turkey, an increase of 53% was observed in the same period of 2023 compared to the first quarter of 2022.
ransomware
According to Kaspersky data, the number of ransomware attacks targeting organizations in the META region in the first quarter of 2023 decreased significantly compared to the same period in 2022. This decline was observed in the Middle East region, where the number of B2B ransomware detections fell by 61%. In the same period, while ransomware attacks decreased by 59% in Turkey, they decreased by 65% in Africa.
“This decline in ransomware attacks in the META region does not mean that the danger has disappeared,” said Dmitry Galov, Kaspersky Senior Security Researcher. We can clearly see a clear trend where ransomware is becoming more sophisticated and targeted, leaving victims with more threats.
Ransomware groups have come a long way in recent years, from disorganized gangs to businesses with the hallmarks of a full-fledged industry. These groups continue to evolve, adopting techniques such as developing cross-platform ransomware, embedding self-propagating capabilities, and even exploiting zero-day vulnerabilities that were previously only available to APT actors.
This explains why this software remains one of the top threats to business, even as detection rates are declining. This is a global trend, but the decline is higher in regions that do more to put in place appropriate safeguards at the government and organizational levels. Ransomware attacks remain a critical threat for countries that have not made much progress in cybersecurity.”
Rapid growth of banking-targeted Trojan attacks
New malware families and cyberattack campaigns contributed to the widespread increase in banking-targeted Trojan attacks during the same period of 2023 compared to Q1 2022. The country with the highest rate of this increase was Turkey with a rate of 238%.
In general, banking-targeted Trojan attacks in the Middle East in the first quarter of 2023; An increase was observed in Kuwait (218%), Egypt (186%), Saudi Arabia (168%), Oman (115), Qatar (99%), UAE (67%) and Bahrain (33%). Increases were also seen in Nigeria (268%) and Kenya (129%).
Projected cybersecurity trends in the META Region
Crime Software and Advanced Persistent Threats (APT) are projected to be at the forefront as the major drivers of growth in cybercrime.
- Crimeware, which is malicious software that is secretly installed on computers, will increase in the Middle East Region. Crime software programs, which can be Trojans, keyloggers or spyware, can represent a new type of threat, creating new challenges and vulnerabilities. There are a wide variety of Trojans that are used to record written content (keylogger), capture screenshots while using banking websites, download other malicious code, and allow hackers to gain access to one’s system. The common point of each of them stands out as ‘stealing’ the user’s confidential information such as passwords and PINs and sending them directly to the hacker. Cybercriminals who have this information use it to access a person’s bank accounts. In particular, crimeware is expected to be common in the North and South African Regions.
- APT attacks in Central and East Africa: According to Kaspersky experts, increasing digital transformation efforts in government, diplomatic institutions and industrial organizations in Central and East African countries could make organizations rich targets for sneaky APT attacks this year. In this environment, strong cyber defense and intelligence sharing is critical to identify and uncover APT patterns, neutralize cybercriminals, and break the chain of death.
- Geographical expansion of APTs: Kaspersky experts observed advanced actors carrying out focused attacks on various regions of Europe, the USA, the Middle East and Asia. While most actors previously targeted individuals in specific countries, more and more APTs now operate globally. For example, MuddyWater, an actor that previously targeted the Middle East and North Africa, has expanded its malicious activities to target organizations in Azerbaijan, Armenia, Malaysia, and Canada.