Exposing the UAE’s Underground Digital Dangers: The Attack Surface of One of the Most Digitally Advanced Countries in the Arab World
Victoria Kivilevich and Sharon BittonThe UAE has gained global attention for the incredible improvements the country has gone through over the last few decades. While the UAE’s economy continues to flourish, cybercriminals will carry on with their efforts of trying to identify where their next worthy targets may be. With the growing success of advancing their economy and technological capabilities, UAE-related entities must continue to push their cybersecurity efforts as well to ensure that their wealth will not be harmed by lucrative cybercriminals operating in the cybercrime underground ecosystem. This research lays out the major underground digital dangers that KELA’s researchers have identified posing a threat to UAE-related entities.
The research’s highlights include:
During the last six months (December 2020-May 2021), KELA observed numerous compromised network access listings to UAE-related private and public entities offered for sale on cybercrime forums, including one that was possibly used in an attack by the Avaddon ransomware gang.
Among these, KELA detected several threat actors specifically targeting UAE entities, by selling data and network access related to UAE companies.
KELA discovered that UAE-related email addresses were exposed more than 1.2 million times, with more than 200,000 of them being related to employees of government, educational, academic, and nonprofit entities.
KELA also identified more than 68,000 compromised accounts related to UAE users on corporate portals, social media, e-commerce stores, and government websites.