Book an appointment with us, or search the directory to find the right lawyer for you directly through the app.
Find out moreThis Edition of Law Update, From Africa to Asia: Legal Narratives of Change and Continuity, takes you on a journey through dynamic markets.
Africa is undergoing a tech-driven transformation, overcoming regulatory challenges while its startup ecosystem thrives. India’s legal framework is evolving rapidly, keeping pace with its expanding economy and diverse business environment.
We also dive into China’s regulatory shifts, particularly how they are shaping investments in the MENA region, and explore Korea’s innovative global partnerships, which are driving advancements in industries across the UAE and beyond.
Read NowHaroun Khwaja - Senior Counsel - Digital & Data
June – July 2017
Today, it is not unheard of for commercial and industrial companies to come under the same level of sophisticated attack that was once reserved for states. The increasing use and reliance on technology and the proliferation of new technological devices have made us more vulnerable now than ever before. To make matters worse, sophisticated crime syndicates are using encryption to hide their activity. Consequently, any company, government entity, non-profit organisation, or individual that uses computer systems or the Internet is susceptible to a cyber attack. The drivers for these crimes are varied and include extortion, commercial sabotage, hacktivism, cyber spying, cyber terrorism, and cyber warfare. There is particular concern about the vulnerability of the healthcare sectors in many countries as they process vast amounts of sensitive personal data.
Attacks in the Middle East
The Middle East has long been a target for various types of cyber attacks.
The Shamoon attack on oil giant Saudi Aramco in 2012, described by former US defence secretary Leon Panetta as the most destructive cyber attack on a private business then seen to date, is believed by US officials to have been the work of hackers working on behalf of the Iranian government. In that attack, the virus crippled 35,000 computers at Saudi Aramco within hours by overwriting the master boot record and rendering their computers inoperable. Earlier this year, the Saudi government warned organisations in the Kingdom to be on the alert for variants of the Shamoon virus, following attacks on various ministries and government agencies. Given the continued conflicts in the region, such attacks are expected to increase.
At the time of writing, the WannaCry ransomware hack has indiscriminately hit 200,000 targets in at least 150 countries. Ransomware is a type of malicious software that blocks access to a computer system until a sum of money is paid. According to Symantec, Saudi Arabia is the most targeted country for ransomware attacks in the Middle East and Africa region, followed by the UAE.
Potential losses resulting from cyber attacks
The frequency and severity of cyber attacks increases year-on-year, and it is now imperative that organisations take a proactive strategy to manage them. Such strategies need to be targeted to ensure:
Protecting against, and recovering from, cyber attacks
A multi-pronged approach should be taken to deal with this threat in a way that covers all bases, including:
Customers should review their existing IT contracts to ensure they contain sufficient obligations on the technology vendor or IT service provider to comply with the measures above. Where the contract does not address these issues, the customer should seek to raise these concerns with vendors and service providers with a view to having terms amended to address these types of essential concerns.
Conclusion
Organisations can no longer afford to ignore cyber security threats and must put in place systems and processes to defend against and recover from cyber attacks. The recent global Wannacry ransomware hacks are a clear reminder of this. Financial institutions, healthcare providers, government agencies, airlines and online businesses are particularly vulnerable and should undertake an internal review to identify and address any weaknesses.
To learn more about our services and get the latest legal insights from across the Middle East and North Africa region, click on the link below.