Egypt among countries facing cyber threats in 2018: Kaspersky Lab

2018 could see ransomware attacks on industrial sector to obtain cryptocurrency, Suvorov says

Egypt is one of the countries likely to face cyber threats in this age, according to a report by Kaspersky Lab. About 58% of computers in Egypt have fallen victim to hackers.
Andrey Suvorov, Kaspersky Lab's head of critical infrastructure protection for global markets, told Daily News Egypt that digital attacks includes 11 trends, most prominently ransomware attacks on the industrial sector to obtain cryptocurrency payments.
What is your vision of opportunities and challenges in the Egyptian market in 2018?
There is always research in the global and regional markets seeking cybersecurity against potential cyber threats. We are always sharing the findings of such research with the government and industry officials and major companies for them to be aware of possible threats.
According to our researches, there are 400 million users linked to Kaspersky's network, which reflects confidence in our solutions. Many of those clients have a direct connection to the company's cloud computing network, which enables them to receive updates immediately to face any potential risk or threats.
For instance, if a threat is found in Asia, all clients linked to Kaspersky's cloud will receive the security updates for this threat, even if they are located far from the region where the threat emerged.
Our data show that cyber threats and digital attacks on the industrial sector account for 25% of total computers, meaning that one in every four computers in the industry sector is exposed to hacks.
Moreover, we can see that Egypt is one of the main countries that faces cyber threats, especially on computers linked to the industrial sector.
A study conducted by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) at Kaspersky showed that Egypt was the country facing most attacks on critical infrastructure in the Arab region in 2017 through to January 2018.The study revealed that the alarming rate amounted to 58% of computers linked to industry in Egypt, including supervisory control and data acquisition (SCADA) and human machine interface being attacked in that period. The main sources of threats faced by these systems came from the internet (37%), removable devices (23%), email (5%), and networked folders (2%).
Internationally, reports suggest that 54% of the industry sector suffered one to five hacking attempts over one year.
A year ago, the situation was different. Clients did not want to share the threats they face. Yet, now, they resort to our company for advice if they face cyber threats.
How can users be encouraged to use cybersecurity applications?
As an official tasked with the global market, not the Egyptian one alone, I can tell you that there is a noticeable interest in Egypt in reliance on security solutions. Many of the industrial companies are now in talks with us to obtain our solutions.
Through our expertise in the Middle East; there are projects to be discussed with our partners. In general, in Egypt we focus on education and awareness to advise on the importance of Kaspersky solutions.
We also work on analysing the cybersecurity status of the targeted factory and its usage of cybersecurity solutions to identify its weak spots. For example, we conduct tests on hacking the important data filed via wifi.
In Egypt, we focus on the energy sector, being the main source for the industry field. If a security problem is incurred, many other services and factories will stop, causing many risks and financial damage.
There is a trend in Egypt to attack using the internet to hack databases of companies and government agencies. In addition, all removable storage devices could be used to spread cyber threats.
The American government removed Kaspersky's solutions from a number of governmental agencies, allegedly for being involved in spying?
Yes, the American government did so. However, we are not spying on any of our clients. Our services are offered to many clients in the private sector in the United States with contracts worth millions of dollars.
We are now working on establishing three transparency centres that would enable clients and government agencies to test our solutions to confirm they are not used for spying and affirm the transparency level of our operations.
We offer our services for commercial purposes only without entailing any political aspects. The Interpol and the Europol both use our services.
One of the centres will be based in the United States, another in Europe, and the third in Asia.
We are also working to take all the legal measures to pursue the American government in courts on its decision to remove our programmes from their computers.
What are the global trends of cyber threats in 2018?
We have recently published our security projections for 2018, which included 11 trends on the industry sector. The most important of them is ransomware. Hackers could penetrate factories' computers and stop their operations, seeking a ransom of millions of dollars obtained in cryptocurrencies, such as bitcoin.
Researchers at Kaspersky Lab found vulnerabilities in smart hubs used to manager smart devices and sensors installed in homes. The analysis reveals that an attacker can remotely access the server of that router and download an archived file containing personal data for users within the network, which can be used to access the user's accounts and control their home systems.
Demand for smart home network hubs is growing amid increasing popularity of smart devices that facilitate home management and make it easier for users to administer all devices and control them via the web and applications. Some of the hubs even work as a security parameter. But unifying the devices in one system makes the hub an attractive target for cybercriminals who could take it as a launching pad for remote attacks. Earlier in the year, Kaspersky Lab tested a smart home network switch to find that it had become a platform for widespread attacks based on weak password-generation algorithms and open ports. Researchers discovered during the investigation that unsafe design and many gaps in the structure of the smart device could allow criminals to reach someone's home and control their systems.
The researchers first discovered that when a hub communicates with a server, the smart network hub sends user data that includes their credentials (username and password) necessary to log on through the web interface of the hub. In addition, other personal information such as the phone number for receiving alerts can also be included. An attacker can download the archive containing this information by sending a system request to the server that contains the serial number of the network hub, which the analysis showed the ability of criminals to discover because of simple ways to generate it.
Criminals can access serial numbers through a blind power attack, a kind of attack based on only an encrypted number. It includes trying all possible keys to decrypt this number using logic analysis, and then confirm the validity of the number by making a request to the server. If a device is registered with this serial number in a cloud system, the criminals receive a positive response confirming that the number is correct, so that they can log on to the user account and control the sensor settings and network-related controls.
Kaspersky Lab has released a report of all the information about the detected vulnerabilities to the manufacturer of the hub, which is now being addressed and repaired.
Does cryptocurrency mining form a threat?
There are several challenges there. It is linked to money, not technology. A few years ago, the bitcoin was worth $600, which now soared to over $10,000. Hackers believe that cryptocurrencies are a good source of funds and can use victims' computers for mining.
We recently added a new tool in our software to protect computers from the risk of mining.