Tech Reports
GEOPOLITICAL UNREST GENERATES AN ONSLAUGHT OF DDOS ATTACKS
NETSCOUT SYSTEMS released findings from its 2H2023 DDoS Threat Intelligence Report that dissects trends and attack methodologies adversaries use against service providers, enterprises, and end-users. The information cited in the report is gathered from NETSCOUT’s unparalleled internet visibility at a global scale, collecting, analyzing, prioritizing, and disseminating data on DDoS attacks from 214 countries and territories, 456 vertical industries, and more than 13,000 Autonomous System Numbers (ASNs). Driven by tech-savvy and politically motivated hacktivist groups and an increase in DNS water torture attacks, NETSCOUT observed more than 7 million DDoS attacks in the second half of 2023, representing a 15% increase from the first half.
Hacktivism Increases Ten-Fold
DDoS (Distributed Denial-of-Service) hacktivism transcended geographic borders during the past year, exemplifying a shift in the global security landscape. Groups like NoName057(016) and Anonymous Sudan, as well as lone hackers and small collectives, are increasingly using DDoS to target those ideologically opposed to them, for example:
- Peru experienced a 30% increase in attacks tied to protests of former Peruvian President Fujimori’s release from prison on December 6.
- Poland experienced a surge in attacks at the end of 2023 associated with a regime change and statements reaffirming Poland’s support of Ukraine in the Russia-Ukraine conflict.
- Anonymous Sudan attacked X (formerly Twitter) to influence Elon Musk regarding Starlink service in Sudan, and it attacked Telegram for suspending its main channel.
NoName057(016), Anonymous Sudan, and Killnet have taken credit for DDoS attacks in Ukraine, Russia, Israel, and Palestine targeting communications infrastructure, hospitals, and banks. Daily attacks from hacktivists increased more than ten-fold between the first and second halves of 2023. NoName057(016) topped the list of DDoS adversaries in 2023, targeting 780 websites across 35 countries.
Water Torture Attacks Rise
Targeting critical systems at the heart of the Internet’s control plane, DNS (Domain Name System) water torture attacks have been on the rise since the end of 2019. DNS query floods designed to overwhelm authoritative DNS servers experienced a massive 553% increase from 1H2020 to 2H2023. Rather than targeting one website or server, adversaries go after entire systems, resulting in even more damage.
Gaming and Gambling Targeted
NETSCOUT findings point to gaming — and the gambling associated with gaming – as a primary target for DDoS attacks. Threat actors are drawn to the sector’s substantial financial value and the goal of disrupting competitors, especially during online esports tournaments. Historically, 80-90% of all DDoS attacks are related to gaming and gambling. NETSCOUT assessed attacks on enterprises in these sectors, determining that more than 100,000 DDoS attacks were deployed against those in gaming, and over 20,500 were made against those tied to gambling in 2023.
In addition, based on NETSCOUT’s observations of the DDoS threat landscape, approximately 1% of DDoS attacks are suppressed from originating networks.
“Global adversaries have become more sophisticated in the past year attacking websites and overloading servers to lockout customers and inflict digital chaos to influence geopolitical issues,” stated Richard Hummel, senior threat intelligence lead, NETSCOUT. “The relentless barrage of DDoS threats drives up costs and creates security fatigue for network operators. They cannot safeguard their digital assets without the proper advanced DDoS protection leveraging predictive, real-time threat intelligence.”
Multiple decades of experience working with the world’s largest service providers and enterprises give NETSCOUT far-reaching visibility into the global internet to discern the pulse of the digital world. Our capacity to monitor and respond to DDoS attacks is powered by our ATLAS platform, which enables us to analyze an impressive 500 terabits per second (Tbps) of network traffic.
Reports
The Role of Generative AI in Cyber Security
GenAI and cyber security
AI is the hottest topic in the universe. Pairing AI with cybersecurity opens up vast possibilities and challenges. Many security professionals believe that integrating intelligence into cybersecurity can enhance defenses against sophisticated cyberattacks. However, cybercriminals are also leveraging AI to weaponize their assaults. Check Point partnered with market researchers at Vanson Bourne to examine how security professionals are incorporating Generative AI (GenAI) into their practices. Several key findings from their research are outlined below.
Skills gap
Despite over 70 percent of respondents feeling confident about their organization’s defenses, eighty-nine percent countered their optimism by acknowledging that employing qualified people was challenging. The cyber security skills gap puts a serious damper on how effective organizations can assemble the right defenses against AI-infused cybercrime.
“An overwhelming 89% of IT and security professionals report a significant skills gap, underscoring the urgent need for innovative solutions.”
Surveyed professionals said the skills gap significantly hampers an organization’s ability to conduct efficient security operations. A substantial 98 percent of those affected reported an “impact” on their security operations, with 40 percent citing a “strong impact.”
Enter GenAI
No organization, large or small. can ignore the potential impact of a major cyberattack. As a result, surveyed organizations said they have turned to AI-powered tools to boost cyber security, including incident response, malware protection, and data loss protection. Clearly, AI is etching its role in providing better protection of the digital landscape.
“97-99% of organizations utilize AI-powered tools, with a significant shift towards GenAI for a comprehensive security strategy.”
GenAI benefits
Organizations have embraced GenAI for strategic purposes, with many using it for over a year to bolster cybersecurity against sophisticated threats and improve incident response rates. Across all regions, GenAI tools are recognized for better understanding user behavior and anomalies. However, European respondents showed less agreement on AI’s potential for enhancing efficiency compared to APAC professionals, who indicated GenAI’s role in streamlining security operations and resource allocation.
The skills gap paradox and GenAI
Bridging the Gap: GenAI can be an ally in addressing the skills gap. It offers a way to augment existing capabilities and improve efficiency, especially in sectors with a high demand for cyber security proficiency.
“Gen-AI is instrumental in closing the cyber security skills gap, with 98% of affected organizations recognizing its impact on operational efficiency.”
Industry-specific insights
The impact of GenAI varies across sectors, with particular benefits observed in healthcare and finance. These sectors recognize Gen-AI’s potential to significantly reduce manual work and increase the efficiency of incident response.
To this survey question, “Thinking about GenAI / AI/ML Deep-Learning, to what extent do you agree or disagree with the following statements,” most respondents agreed that AI tools will improve their efficiency, increase their incident response rates, and help close skills gaps in their organizations.
Here are other results:
• GenAI has/can significantly reduce manual work for our security team: Healthcare (32% lower)
• AI/ML Deep Learning has/can greatly increase our efficiency with incident response: Energy, oil/gas, and utilities (36% higher)
• Gen AI has/can significantly increase our catch rate: Finance/banking/investments (35% higher)
• AL/ML Deep Learning has/can help to substantially bridge the cyber security skills gap in my organization (for those experiencing skills gap in cyber security operations): Finance/banking/investments (28% improvement)
Investment and Implementation
The commitment to integrating GenAI into cyber security is strong, with 90 percent of organizations planning to prioritize AI/ML and GenAI tools. This is accompanied by an anticipated increase in budget allocations for GenAI tools.
“90% of organizations prioritize investments in GenAI tools, reflecting a strategic shift towards innovative cyber security solutions.”
GenAI Transformation
While the outlook is optimistic, concerns and challenges do remain. Organizations highlight the importance of keeping AI models updated while being cognizant of the challenges, such as ensuring compliance with data regulations.
The journey towards a GenAI-integrated security landscape will offer security leaders both rewards and challenges. However, it’s clear, GenAI will help transform organizations as cyber security providers incorporate greater intelligence. Embracing GenAI with strategic foresight will pave the way for a more secure and resilient digital future.
Tech Reports
The Top Digital Threats Facing Organizations in the Region
Top threats
- Of nearly 30,000 critical risk alerts identified by Help AG in 2023, the dominant threat categories were found to be Credential Theft (49%) and Brand Abuse (39%), while Data Leakage and Phishing represented 10% and 1.5% of use cases respectively.
- Cyberthreats majorly impacted the Education (36%), Aviation (29%), and Healthcare sectors (15%), which represented a combined 80% of targeted organizations in the GCC.
- Organizations in the Government (8%), Investment (7%), and Banking and Finance (4%) sectors followed, as transactions in these sectors became increasingly digitized.
- There was a 42% jump in Distributed Denial-of-Service (DDoS) attacks in 2023, with Help AG recording 213,434 attacks of this nature.
- The longest DDoS attack lasted for over 5 days, while the largest attack by bandwidth logged in at a record-breaking rate of 461.5 Gigabits per second (Gbps).
- 40% of DDoS attacks targeted the Government sector in 2023, followed by 29% for the Telecoms sector, 9% for Aviation, and 5% for Oil & Gas.
- The Financial and Telecoms sector experienced the largest DDoS attacks by volume, logging in at 461.5 Gbps and 302.2 Gbps, respectively.
- Trends in cybersecurity investment
- In 2023, cyber defense investments doubled amid the continuing digital transformation surge, with GCC enterprises and governments exhibiting growth in:
Cybersecurity Estate Consolidation: 100+% growth in technology and vendor relationships consolidation.
Managed Cyber Defense: Investment skyrockets due to the increasing complexity of the digital threat landscape.
Cybersecurity Advisory: 2x growth in investments due to the growing regulatory compliance requirements.
DDoS Protection: Complementing classic DDoS protection with adaptive solutions.
- Investments spanned preventative, detective, responsive, and predictive controls.
- Multi-factor authentication implementations rose by 16%, while patch management processes saw a 13% increase, highlighting critical efforts to thwart threat actors and maintain system integrity.
- Implementation of web application firewalls increased by 9%, and identity access management also grew by 9%, indicating a strengthening of web and identity security frameworks.
- Privileged access management saw a 10% increase, enhancing security for critical server access, and dedicated data activity monitoring rose by 15%, reflecting growing concerns over data privacy and protection.
Tech Reports
Digitech’s Digital Transformation Odyssey in Egypt with Catalyst
An Oracle NetSuite Go-Live success story
In the vibrant city of Cairo, Digitech, a subsidiary of the renowned Noventiq Group, embarked on a transformative journey to revolutionise its operations in Egypt and align with the Noventiq standards of excellence.
Client Background
Before its acquisition by Noventiq, Digitech had relied on a manual, Excel-based approach to managing its business processes. This legacy system hindered efficiency and scalability, making it imperative for Digitech to embrace digital transformation.
Challenges Faced
- Transition from Manual to Automated Processes: Digitech’s primary challenge was to seamlessly migrate from manual, Excel-based processes to a fully automated system.
- Localization and Compliance: Operating in Egypt presented dual challenges of complying with local regulations and adhering to Noventiq’s industry standards.
- Training and Empowerment: With no prior experience in system automation, Digitech’s team required extensive training to equip them with the necessary skills for the transition.
The Solution
Digitech partnered with Catalyst, a leading NetSuite Solution Provider, to design and implement a comprehensive solution that addressed the company’s unique needs. The focus was on achieving localization as per Egyptian regulations while upholding Noventiq industry standards and best practices.
Go-Live Milestone
After months of meticulous planning and implementation, Digitech achieved a successful Go-Live, marking a pivotal moment in their digital transformation journey. This milestone signified Digitech’s embrace of automation and a transformative shift in its business operations.
Benefits Realised
- Seamless End-to-End Automation: Digitech achieved seamless end-to-end automation across its operations, eliminating manual bottlenecks and enhancing overall efficiency.
- Streamlined Billing and Compliance: Integration with e-Invoicing streamlined Digitech’s billing processes, ensuring compliance with Egyptian tax authorities, and reducing the risk of errors.
- Scalable and Replicable Solution: With subsidiaries in multiple countries, Digitech now has a scalable and replicable success story that can be applied to future expansions into other regions.
Results Achieved
Digitech’s digital transformation journey yielded transformative results:
- Enhanced Operational Efficiency: Automation significantly boosted operational efficiency, enabling Digitech to focus on innovation and client satisfaction.
- Secure and Stable Operational Environment: Localization efforts ensured compliance with Egyptian regulations, providing a secure and stable operational foundation.
- Replicable Success in Multiple Markets: The success in Egypt lays the groundwork for Digitech to replicate the achievements across its global subsidiaries.
Future Outlook
Armed with a fully automated system and a future-ready infrastructure, Digitech is poised for sustained growth and continued innovation. The success story in Egypt serves as a testament to Digitech’s commitment to excellence and sets the stage for further advancements in the ever-evolving landscape of digital transformation.
Catalyst: Your Transformation and Protection Partner in a Globalised World
Catalyst, a Silicon Valley-based technology consulting firm with a global presence in over 15 EMEA countries, empowers organizations to thrive in today’s dynamic landscape. We specialize in Business Applications, Business Platforms, Cybersecurity, and Cloud Adoption, guiding our clients through successful transformations and ensuring their digital landscapes remain secure.
-
Tech Interviews4 months ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Features1 month ago
Security in the Cloud Age: Combating Risks with Hybrid Cloud Solutions
-
Tech Features5 months ago
How Telecommunications Providers Can Best Tackle DDoS Attacks
-
Tech News6 months ago
Google Appoints Ziad Jammal as Google Cloud Country Manager in the United Arab Emirates
-
Automotive4 months ago
Al-Futtaim Automotive Builds On 23-Year Legacy of Trust & Leadership in UAE’s Pre-Owned Car Market to Sell Over 25,000 Used Vehicles in 2023
-
Tech Features2 weeks ago
The Middle East to Lead with Next-generation Mission Critical Communication Advancement
-
Tech News7 months ago
Senet enters MENA’s Competitive Gaming Scene with ‘skill-to-earn’ Platform
-
Tech News4 months ago
Brighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign