Type of Cyber Experts that are growing in demand in Middle East
In times of a global pandemic, the digital world supports us tremendously by keeping the world connected whilst we practice social distancing.
However, what has been overlooked is the increasing online threats that suggest economies are not ready to go completely digital. The Middle East, in particular, is an attractive target for cyber attacks, as it is one of the most digitally connected countries with a high smartphone adoption rate.
We spoke to Alexandra May Haydn-Higgins, Recruitment Consultant who is a specialist in this space to share with us insights within the cyber market.
Increasing cases of fraudulent hacks, scams and privacy issues in Middle East
According to a report produced by UAE-based cyber security firm Dark Matter, breaches in the Middle East are "widespread, frequently undetected”. Below are some examples of the types of cases surfacing during this period.
- Malware attacks
Malware attacks and compromising systems through cyber warfare are the biggest issues in the Middle East region. The cybercriminal activities will keep growing in financial hubs like Dubai, Abu Dhabi, and Bahrain, although lesser in number when compared to the West. Security researchers from Cisco Talos discovered a new version of Remote Access Trojan named “JhoneRAT”, which targeted a set of enterprises in the Middle East countries.
According to the researchers, the Trojan was developed using Python and attacked the victim’s device via malicious Microsoft Office documents. It’s said that JhoneRAT targeted organizations that are based in countries including UAE, Saudi Arabia, Iraq, Libya, Algeria, Egypt, Morocco, Tunisia, Oman, Yemen, Syria, Kuwait, Bahrain, and Lebanon.
- Phishing emails
Phishing and malware attacks have surged since the outbreak of the coronavirus pandemic as more people work on home internets. Cyber experts say this makes them an easy target for hackers. Emirates Airline has alerted travellers about a new phishing attack where fraudsters send an e-mail to people that their flight has been cancelled and a refund can be claimed. The Dubai-based world's largest international carrier asked UAE residents and travellers not to respond to such fake e-mails or open links given in these e-mails.
- Hoax text messages
The widely circulated message on WhatsApp shared that people who have worked between 1990 and 2020 have the right to withdraw Dh4000 from the UAE’s Ministry of Labour. The purported message from the UAE’s Ministry of Labour contains a URL asking users to click on it to check if their name is on the list. Those who fall for the bait are led to a website called labour.rebajaslive.com where they are required to answer three easy questions.
Growing potential of its cyber security market
The Middle East cyber security market is expected to grow at a compound annual growth rate (CAGR) of 22.5% between 2018 and 2024 reported by MarketWatch. It is also believed that public and private enterprises in this region are the most targeted verticals to cyber attackers. Hence, it is important for enterprises in the Middle East to be able to identify security gaps in their systems.
To curb the rise in cases across the region, the UAE Central Bank, UAE Banks Federation, Dubai Police and Abu Dhabi Police launched their first joint national fraud awareness campaign in April 2020. This campaign will run until the end of the year, focusing on different topics every month. These include SIM swap fraud, phishing, vishing, lottery scams, vanishing ink scams, card skimming, e-mail redirection fraud, and data privacy.
Greater demand for cyber roles
Our Huxley team specialising within cyber security have noted that the demand for roles will include the following:
- Security Operations Centre (SOC) profiles
- SOC Analyst L1
- SOC Analyst L2
- SOC Analyst L3
- Network Security Engineers
As shared by Alex, a lot of demand at the moment will come from a security monitoring or troubleshooting perspective in order to make sure that everything is operating smoothly and that vulnerabilities are mitigated.
As individuals, you can also play your part to ensure your privacy and security is not compromised during this period. Our Huxley team has a few tips to help you tackle the following scams and threats.
Email phishing scams
- Check whether the alleged sender is actually the sender. Sometimes there are multiple email addresses in the list of senders. If in doubt, you can reveal all the senders by selecting 'reply';
- Don't open links and/or attachments from senders you don't know;
- Do not send personal data to unknown senders;
- If the email asks you to open an attachment or website, hover your mouse over the link to see if it leads to a web page;
- If you arrive at a web page you don't trust via email, you can see in the browser's URL bar whether you've been redirected to another website;
- Change the default password you use to connect;
- Hide the network from others;
- Do not share your password with people outside the household or close friends;
- Regularly check if any unknown devices are connected to the network;
- Be careful when downloading applications that provide unlikely information.
- Use double authentication - such as Google Authenticator - provides an extra secure environment;
- Create passwords with special characters, numbers and uppercase letters;
- Long passwords are more difficult to retrieve using the brute force attacking tactic, so make sure the password has a minimum of characters to match;
- Prevent the local storage of passwords.
Are you working within the cyber sector?
Are you an individual looking to enter the cyber sector, or is your firm looking for the right cyber talent? Contact us via the form below or view the latest job openings here.