- API Penetration Testing

Top-10 Cybersecurity Breaches in the United Arab Emirates

Learn about the state of cybersecurity in the United Arab Emirates and the 10 biggest breaches in this country.
All 6 states of the Gulf Cooperation Council (GCC) have achieved a lot in terms of digital innovation during the last decade. However, this left them vulnerable to an increasing range of cyber threats.

In this article, we'll take a closer look at the state of cybersecurity in the United Arab Emirates. The country's government significantly invests in cybersecurity but doesn't always manage to evenly implement all the measures making local companies less resilient against large-scale cyber incidents.

The United Arab Emirates was ranked fifth in the Global Cybersecurity Index 2020, jumping 33 places, compared to the previous report. However, it was not always like that. The UAE had to step up their game though since cyberattacks increased over 190% after the world has gone remote. Still, the UAE suffers badly from ransomware attacks - numerous businesses paid more than $1,4 million in ransom, with 42% of them having to close down after the incident and 90% being attacked again.

We have found the top 10 cybersecurity breaches in the United Arab Emirates to learn from and spring back to the top as the country did.
#1 Dubai Cheers Exhibition Suffered a $53,000 Loss due to Phishing Cyber Attack
Cheers Exhibition is a company that builds and installs exhibitions for different companies on a full-service basis. They have been on the market for more than 11 years.

The email server of the company was hacked and criminals sent phishing emails to the clients. Cheers Exhibition realized that the server was hacked only after one of the clients called them on the phone to ask what it was about.

Meanwhile, the hackers managed to make a Russian client transfer over $53,000 overseas. They also realized that hackers got hold of their website as well.
#2 Airline Emirates Leaked Customers' Sensitive Data to Third Parties
The Airline Emirates is one of the biggest airline companies in the Near East. They make more than 2,500 flights a week to 122 cities in 74 countries. They carried 56 million passengers in 2018 alone.

It turned out that the company is leaking numerous data points to third-party companies like Facebook, Google, Crazy Egg, and others. They share information about customer name, e-mail, itinerary, phone number, passport number, etc. The company sends a "Manage preferences" email to the customers after the booking and the URL contained is not using protected protocol too. It can be used to access all the data.

All of this information was shared by Konark Modi, a data security engineer who was just trying to book a flight for his family. The company denied all the allegations but other cybersecurity experts backed up Modi. One of the companies even checked Airline Emirates website and found that it uses either weak or no encryption which can potentially lead to misuse.
#3 Dubai-Based Ride Hailing Startup Careem Suffered a Data Breach That Affected Millions of Customers
Careem is a ride-hailing company that is based in Dubai. It is a subsidiary of Uber and allows users to get a ride or a delivery for food and medicines. It is popular in 15 countries of the Middle East, Africa, and South Asia.

The hackers stole the data of customers and drivers from the computer system. It includes email addresses, phone numbers, and trip history. Passwords and credit cards, luckily, were not stolen since they were encrypted.

Around 14 million users were affected by the breach. They all received an email with advice for further actions. The data was not used by the criminals though.
#4 UAE Invest Bank Failed to Pay Ransomware Which Led to Customer Data Leakage
UAE Invest Bank is a large bank in the UAE that has numerous users, especially those of Internet banking.

A hacker with the nickname Hacker Buba broke into the bank system and siphoned SQL databases, data about transactions, and customer information like credit card numbers, amount of purchase, and authorization codes. They later asked for $3 million in bitcoins. The bank did not satisfy their ransom and the hacker published the stolen data on their Twitter. There was no financial loss though.
#5 Moorfields Eye Hospital Was a Victim of a Ransomware
Moorfields Eye Hospitals is one of the oldest centers for treating, teaching, and researching ophthalmology. One of its branches is based in the UAE.

The Dubai Moorfields Eye Hospital was attacked by the Ransomware group AvosLocker. They downloaded 60GB of data, including copies of ID cards, insurance claim forms, accounting documents, hospital call logs, internal memos, etc. They either sent an email or an ad with the malware and later proceeded to encrypt the data.

The company continued to offer services as usual but they contacted the affected users and started an investigation.
#6 Fraudsters Cloned Company Director's Voice In $35 Million Bank Heist
It was the second case when fraudsters used "deep voice" technology to clone human speech and voice. They called a bank in Hong Kong under the name of the UAE company director (the affected entities were not disclosed) and told them that they needed to send $35 million to different parts of the world. They also said that the US-based lawyer is accompanying the transactions and that the emails from both of them can be found in the mailbox. The bank manager did not suspect a thing and dutifully transferred the funds. He spoke to the company director just a couple of minutes before the second call and the voices were identical.

The experts say that this type of fraud can become very common in the future and will affect businesses widely.
#7 The UAE School Suffered a Cyber Attack
The school has 18 branches in the UAE. Its former IT department head who worked with them for 16 years hacked into the school system and deleted numerous files. It became possible because he knew very well what and how worked and its vulnerabilities. The school has immediately contacted the police. The latter restored the files and added more security measures to the system. The director of the IT department was later found while trying to cross the Italian border. This example clearly shows how former employees tend to take revenge and how important the quick response of the police is.
#8 The Website of Dubai Airports Was Hit by Cyber Attack
Dubai Airports takes care of both Dubai International Airport and the new Al Maktoum International Airport at the Dubai World Central development. In 2013, two hacker groups The Portugal Cyber Army and HighTech Brazil HackTeam broke into the system and stole information about employees and other data. They did not explain why they decided to steal it but the information was not used in a harmful way.
#9 UAE Government Have Been Compromised by a Cyberattack
UAE police forces and the country's Telecommunication Regulatory Authority were targets of a massive cyberattack. The latter was actually responsible for eliminating cyberattacks.

Hackers broke into the system and stole employee confidential information which opened them to the possibilities of blackmail. The governmental structures are often targeted in the UAE, up to 140 attacks per month.
#10 Dharma Ransomware Affected Numerous Companies in UAE
In 2019, a hacker spread ransomware infection, Dharma infection, in a range of companies. The infection works in a way that it encrypts all the data and logs out everyone out of the system. The decryption key had not existed at the time so the companies tried their best but could not get in. They contacted the hacker and the latter asked for a ransom in bitcoin. The company did not respond since they knew that the hacker is unlikely to give the decryption key after the first payment.
Nowadays hackers in the United Arab Emirates use different types of malware and can misuse all kinds of vulnerabilities. Even if they do not use the data in malicious ways, the reputation can be lost for a long time.

Thus, it's of utmost importance to constantly conduct security audits of your system and eliminate any weak points detected. If you need help evaluating the security of your business, feel free to contact CyberLands. We have years of experience providing penetration testing services and would help you implement a robust security strategy. Team