- API Penetration Testing

Top-7 Cybersecurity Breaches in Kuwait

Learn about the state of cybersecurity in Kuwait and the 7 biggest breaches in this country.
The world's going digital, so the various regional and global trends are now indicating more and more industries become deeply concerned about developing digital networks, internal management systems, data warehouses, and other innovative IT solutions.

The Middle East digital market is not an exception. According to recent reports, the Middle East's post-pandemic cybersecurity market size was estimated at $15.6 billion for 2020 and is projected to grow to $29.9 billion by 2025. Such a growing tendency is mainly represented by the proliferation of digital technologies, which are now considered to be the most important market drivers.

At the same time, plenty of GCC countries like Bahrain, UAE, and Kuwait are now experiencing an increasing demand for the adoption of technological security advancements and innovative safety solutions. The latest precautions are constantly implemented to ensure the stable performance of various companies and large organizations, as well as the critical infrastructure objects within the specific region. And, of course, to keep any sort of business secured even from the most sophisticated cyberattacks in Kuwait, it's important to always analyze the latest cybersecurity attacks in different industries.

Today, we'll uncover the most infamous cyberattacks and their impact on the performance of businesses from different industries.
#1 Kuwait Transportation and Shipping Industry Under Attack
In September 2019, the Kuwait transportation and shipping industry reported 2 major cybersecurity breaches on their IT systems that occurred between May-June 2019.

Both attacks have been identified by the Unit 42 company, and according to their expert review, were created by the same hacker.

The first campaign, named 'xHunt', was carried out when criminals managed to install the Hisoka 0.8 malware to the internal network. The backdoor tools enabled the hackers to get unauthorized remote access to the PC and its data.

The second attack was conducted in June and used the updated malware version called Hisoka 0.9 as well as Gon and EYE backdoor tools, that allowed cybercrimes to upload and download files, run commands and take screen recordings, scan for the open ports, get access to other systems on the corporate network and more.

According to the following analysis from IBM X-Force, the xHunt developers could make use of the tools used during the previous cyberattack in July 2018. This means the cybersecurity breach could have been prevented if the analysis and precautions had been conducted.
#2 Kuwait Automotive Imports Company Hacked: Massive Data Leak
However, not only the access to the internal system can be compromised: earlier in 2016, the data server of Kuwait Automotive Imports Company (KAICO) was hacked, and over 10 thousand personal accounts leaked on the Internet. It covers their personal name, email information, contact details as well as the administrators' credentials and weak system passwords. Additionally, the hacker uncovered the vehicle's information, including its registration numbers, brand, model, year, and more.

The stolen data was posted on Paste Bin with the link to file-sharing site According to the Hacked-DB company, the data was legit and had never been leaked online before. Though the reason for this cyber attack remains unknown, it is believed the criminal hacks systems to make the unqualified IT companies pay for their negligence.
#3 Kuwait's Ministry of Internal Affairs Being Intruded
At the same time, cybercrime has already become a serious problem for the entire country, not only its separate businesses. In September 2018, a group of pro-rebel Syrian hacktivists invaded the website of Kuwait's Ministry of Internal Affairs only for saying "sorry for hacking them" and asking for more help to the "people of Syria" – rebels against President Assad. The authors of that message were Shmook Amer and Dr.Hjd, the hackers that obviously speak out against the regime of Assad.

Though the page was immediately restored by Kuwait's government IT department, the cached image of the page was still available on Google Cache for some time.
#4 Phishing Attack on the National Bank of Kuwait
In fact, the financial industry in Middle Eastern countries is considered to be one of the most vulnerable to sophisticated cyberattacks at present. Not to tell about the earlier times, when the internal digital system was not that secure from the simplest data breaches and various hacking attacks – so nearly anyone with good knowledge in programming could find the weak point of a banking system or obtain the clients' bank credentials.

The most infamous phishing attack on Kuwait's financial industry dates back to May 2008, when the National Bank of Kuwait was phished. The hackers have created the faked URL, identical to the National Bank of Kuwait's official login page. Thus, once users enter their personal credentials, the next phishing page will ask for your ATM Pin and card number.

Though this case seems too outdated to be learned from, the phishing tactics of creating brilliant copies to the legitimate sites unfortunately still work, with getting more and more users trapped and their money stolen out of their bank accounts.
#5 Kuwait's Qualitynet Side-Server Database Leaked
One of the largest Internet providers on the Middle Eastern digital market has shocked its users at the InfoConnect exhibition with the announcement of increasing the pricing of their services by nearly 70%, as well as by applying the unfair downstream cap policy. It is assumed, these two major events have driven a surprising strike back to their side.

The group of hackers, also known as AnonKuwait, has attacked the Qualitynet servers to "give them a lesson". The criminals decided to make use of the security system's vulnerabilities and hacked the whole server by copying the whole server data on the SQL database. Thus, over 14MB of high school graduating students' information in a SQL format has been leaked to the domain.

Later, along with announcing the data breach, the cybercriminals have proven the provider doesn't possess the perfect security and encouraged "different organizations and ministries to cut relations with it".
#6 Kuwait's State News Agency Twitter Account Was Breached
The cybersecurity of social media accounts also matters. In January 2020, Kuwait's State News Agency (KUNA) reported that Kuwait's defense minister claimed Americans planned an "imminent withdrawal" within three days to its more than 34,000 followers on its official account on Twitter.

In fact, this news was posted by hackers, according to the announcement of the head of Kuwait's government communication office Tareq al-Muzraem. In the later series of updates, posted on their official website and Twitter pages, the "(KUNA) categorically denies reports it broadcast statements about withdrawal of US forces from Kuwait."

Though the official KUNA's Twitter account is verified, this major breach demonstrates that even the official outlets and the state media agencies can be seriously compromised to use disinformation as a powerful weapon of political pressure.
#7 Kuwait's Shopping System Was Attempted to Hack 20,000 Times
In May 2020, the cybercrime officer arrested a Kuwaiti hacker in an attempt to hack the Ministry of Commerce's system. The criminal intended to book around 20,000 shopping appointments and catering breaches during the COVID-19 curfew hours, the program provided by the Ministry of Commerce and Industry.

Due to different sources, the criminal location was detected after coordination between the Ministry of Commerce and the cybercrime department, when the Public Prosecution received the warrant to tap a list of suspicious phone numbers and landline numbers, originally used for the hacking attempts.

The hacker was caught in an apartment, in the Al Shaab Al Bahari area of Kuwait, when leaving the house for the permitted walking period. After this, the man allegedly admitted that he had committed the offense and led the officers to the home workstation he used for a cyberattack.

According to his admissions, the major goal was to get as much personal data as possible on the co-op shoppers to make a large database for the local citizens and residents. It included their personal information, like first name and last name, their home addresses, and phone numbers. The later purposes of use of this database remain unknown.

However, the security of personal data is one of the most important combinations of information that produces a personal identity. The specific details about each person stored in such a database make it really attractive for criminals to sell to third parties.
Wrapping Up
Having learned the most important cybersecurity breaches in Kuwait, you can now analyze which precautions and security improvements you should implement in your business. Getting an overall idea of the major hacking attacks within this region helps to better understand the common tactics the cybercrimes use to gain control under the system and operate its internal information.

For the IT security department, such a detailed analysis of Kuwait's cybersecurity breaches can be a powerful source of insights for the further system improvements and testing strategies they should certainly get focused on. Thus, you can significantly eliminate the number of security breaches and make your business less vulnerable to any sort of cyberattacks.

Consider using Cyberlands penetration testing services today in order to ensure the security and integrity of your business information tomorrow! Team