Book an appointment with us, or search the directory to find the right lawyer for you directly through the app.Find out more
We are excited to share the latest edition of the Law Update, beautifully and appropriately titled “Sustainable Horizons: The Saudi Arabian Vision.” Giving special honor to the Kingdom’s 2030 vision, this update focuses on a collection of both informative and inspiring articles.
For those in construction, you can learn about how the tendering environment impacts risk-pricing for contractors, the updates on the legal framework of the construction industry and how contractors can protect themselves against financial difficulties.
There is good news too from the kingdom’s banking sector, from which the practice of “Open Banking” is being pushed for! But what is open banking? We’re answering that too.
Also . . . Are there any women trail blazers in Saudi Arabia you can name? We’ll help you with that. We cover how the Middle East has been making strides in empowering women in the entrepreneurial space,most notably in STEM fields.Read the full edition
Haroun Khwaja - Senior Counsel - Digital & Data
June – July 2017
Today, it is not unheard of for commercial and industrial companies to come under the same level of sophisticated attack that was once reserved for states. The increasing use and reliance on technology and the proliferation of new technological devices have made us more vulnerable now than ever before. To make matters worse, sophisticated crime syndicates are using encryption to hide their activity. Consequently, any company, government entity, non-profit organisation, or individual that uses computer systems or the Internet is susceptible to a cyber attack. The drivers for these crimes are varied and include extortion, commercial sabotage, hacktivism, cyber spying, cyber terrorism, and cyber warfare. There is particular concern about the vulnerability of the healthcare sectors in many countries as they process vast amounts of sensitive personal data.
Attacks in the Middle East
The Middle East has long been a target for various types of cyber attacks.
The Shamoon attack on oil giant Saudi Aramco in 2012, described by former US defence secretary Leon Panetta as the most destructive cyber attack on a private business then seen to date, is believed by US officials to have been the work of hackers working on behalf of the Iranian government. In that attack, the virus crippled 35,000 computers at Saudi Aramco within hours by overwriting the master boot record and rendering their computers inoperable. Earlier this year, the Saudi government warned organisations in the Kingdom to be on the alert for variants of the Shamoon virus, following attacks on various ministries and government agencies. Given the continued conflicts in the region, such attacks are expected to increase.
At the time of writing, the WannaCry ransomware hack has indiscriminately hit 200,000 targets in at least 150 countries. Ransomware is a type of malicious software that blocks access to a computer system until a sum of money is paid. According to Symantec, Saudi Arabia is the most targeted country for ransomware attacks in the Middle East and Africa region, followed by the UAE.
Potential losses resulting from cyber attacks
The frequency and severity of cyber attacks increases year-on-year, and it is now imperative that organisations take a proactive strategy to manage them. Such strategies need to be targeted to ensure:
Protecting against, and recovering from, cyber attacks
A multi-pronged approach should be taken to deal with this threat in a way that covers all bases, including:
Customers should review their existing IT contracts to ensure they contain sufficient obligations on the technology vendor or IT service provider to comply with the measures above. Where the contract does not address these issues, the customer should seek to raise these concerns with vendors and service providers with a view to having terms amended to address these types of essential concerns.
Organisations can no longer afford to ignore cyber security threats and must put in place systems and processes to defend against and recover from cyber attacks. The recent global Wannacry ransomware hacks are a clear reminder of this. Financial institutions, healthcare providers, government agencies, airlines and online businesses are particularly vulnerable and should undertake an internal review to identify and address any weaknesses.
To learn more about our services and get the latest legal insights from across the Middle East and North Africa region, click on the link below.