Cybercriminality in Middle East during Covid-19


In the context of cyber attacks, the region of North Africa and the Middle East is not spared. Cybercriminals are exploiting the fact that authorities are currently busy preventing the pandemic from escalating into an uncontrollable situation. Attackers are taking advantage of the fact that governments have reassigned key personnel to ensure the health crisis remains under control.
A lot of different events that have occurred in the region since the start of this global pandemic. Several events that have occurred in recent weeks, were targeting banking and government infrastructure in the region. As the service is limited due to numerous curfews, cybercriminals have stepped in to launch various attacks against this critical infrastructure. While not all attacks are successful, some have allowed cybercriminals to defraud victims at a time when individual savings are becoming significant. In some cases, authorities have succeeded in identifying suspects and official investigations are underway.
At the same time, during this crisis, when people are confined to their homes, many are using social media for entertainment and fun. Cybercriminals have turned their attention to several applications widely used here, to launch various attacks. For example, on April 15, 2020, the popular Tiktok app, whose use has grown exponentially, witnessed several weaknesses exploited by cybercriminals or unapproved and unauthorized videos would be added to victims' accounts without their knowledge. It is important to note that several regional organizations are using this app and it could lead to misinformation about COVID-19.
While most countries in the region are under curfew, several organizations have allowed their employees to work from home to help authorities reduce the burden on the healthcare sector with regard to COVID-19-related infections. These companies, however, must continue to operate and have moved to online applications to host meetings and other activities required by their own mandates.
Therefore, cybercriminals are always looking for opportunities to exploit different aspects of the online community. For example, an app used to organize meetings, various conference calls, and training has become popular since most countries started to practice social distancing. A weakness in the application allowed attackers to take full control of a session. The cybercriminal could intercept everyone's audio and video during the meeting and could also inject unsolicited content during the conference or training. It goes without saying that these meetings potentially contained confidential information which was then disclosed or used in various criminal ways.
In conclusion, in the MENA region, several such attacks have taken place in all industries, local, regional or international. Due diligence has become more important than ever, as we all rely on information posted online, and we need to make sure that the data we are working on or viewing is correct. In this respect, it is recommended for every country to take security protection measures for its citizens to be safe in online environment.