In response to increasingly sophisticated and dangerous threat situations, Dubai became the first emirate in the UAE, applying standardized cybersecurity to industrial control systems (ICS). The move was in response to a decade-long series of cyberattacks targeting a variety of businesses.
According to the representative of Dubai Electronic Security Center (DESC), new standards lead to safer and safer countries. Continue reading for more information on the upgraded protection that has long been needed in the United Arab Emirates industry.
What is DESC?
DESC was created in 2014. As explained by law, the reason DESC exists is to create a strategy to combat cybercrime targeting government and quasi-government agencies in Dubai. The bottom line is to prevent death, destruction, and economic turmoil. The goal of these efforts is to โestablish Dubai as a global leader in innovation, security and security.โ
Some may have to point it out as a Wikipedia certification. Internet enemies, UAE does not approach this topic with clean hands. Of course, we in the West need to be wary of any attacks, as both the United Kingdom and the United States are โgoodโ members on the same list.
After seven years of monitoring different state stakeholders and private sectors using different malware to attack industrial infrastructure, recent announcements on new ICS security standards will help inform the world of the Dubai industry. Now youโre ready Bend muscles with its own defense.
What is ICS?
Why do you suddenly focus on industrial control? Well, itโs not really sudden. Unfortunately, the process of developing and deploying a comprehensive response to cyber attacks takes time. And after a series of high-profile attacks that began in 2012 and continues today, the Emirate realized that it was only a matter of time before something got worse.
What exactly is ICS? The term industrial control system is a comprehensive term used to refer to the various systems, networks, controls, and devices deployed to operate and automate industrial processes.
In the modern world, ICS is an integral part of the critical infrastructure of almost every industry, including transportation, water treatment, energy, and most manufacturing facilities. Like other OPEC members, the economic health of the UAE and Dubai is closely linked to oil production. Itโs no wonder that saboteurs have focused their efforts in this direction for years. A single successful large-scale attack can have devastating consequences.
Thatโs why DESC is very committed to protecting ICS.
Deploying the solution
Since ICS does not exist in Dubaiโs private sector, the new cybersecurity standards strictly cover four government agencies: airports, state-owned oil companies, electricity and water authorities, and road / transportation authorities.
Surprisingly, most of these institutionsโ ICS software and hardware are Internet independent. This may be the reason why no catastrophic security incidents have ever occurred. But the world is changing Digital transformation security challenges It is unavoidable. It wonโt be long before these entities face even more online risks.
In reality, itโs difficult to stay completely offline in the modern world. Thatโs why DESC is taking proactive steps to protect itself from hackers at the gate. The new standard was developed by studying existing guidelines such as ISO27001. General information security standards Increasingly adopted PCI DSS-like payment compliance guidelines To protect customer data By billing and payment platform. A meeting to anticipate implementation-related issues will be held in April, and the new standard will come into effect in November.
The five major security threats addressed by the new standard are:
1. Phishing: This attempted true approach to infiltrating the network via fake email was obtained More sophisticated these days.. Modern phishers use AI to recreate past successful breaches and generate compelling voices to commit phone scams. To keep pace, some enterprise-level virtual private networks have begun to fight phishing attacks by using AI to automatically detect when they visit a malicious website. did.
2. Ransomware: last year Ransomware has become a major player When a hacker chases a school, university, hospital, or even the city government. This is a great move, as these entities often pay demand to keep public services functioning. Expect the bad guys to continue this trend and perhaps raise the ante. Think of the state and federal governments as being warned.
3. IoT: The Internet of Things has brought a whole new level of connectivity to the world. The internet no longer contains only websites, but now we need to consider the millions (billions?) Of smart devices that have been added to and created in the mix. Pandemic of security issues In the middle.
4. Internal threat: One of the biggest security threats to an organization comes from within. Some estimates indicate that one-third of all violations are the result of employee negligence or complete malice.
5. AI hacking algorithm: Advances in artificial intelligence do not just mean that good people are getting smarter. It also means that a malicious user has an algorithm that is learning to attack the network without guidance.
Hackers have already been successful for many years in infringements and attacks that undermine the indicators that define the profitability of small businesses, but the countryโs larger economy and even gloves. The following are some notable incidents that are not under-efforted, but cannot be fully realized.
History of threats
One of the earliest ongoing threats to oil and gas production in the Middle East came from Iran in the form of Shamoon virus, versions 1, 2, and 3. Shamoon1 has wiped out thousands of computers at oil and gas refineries in Saudi Arabia and Qatar. .. A wave of similar attacks was carried out in 2016 and 2017 by the updated Shamoon 2. Again in 2018 at Shamoon 3..
Bad code Industrial virus known as TritonAttempted to disable a safety system deployed by hackers in 2017 and designed to prevent occupational accidents. If this attack was successful, the end result could have been a catastrophic explosion and loss of life. It was the first time that malware poses a threat to human life.
These are just a few examples of cyberattacks that were a bit too close to comfort the Dubai government, which decided it was time to act. This is how DESC was born.
Conclusion
In recent years, the United States has become less dependent on energy (oil), but that does not mean an attack on the Middle East industry. Does not affect the world.. Itโs good for everyone when Dubai takes concrete steps to protect itself from enemies and hackers.
DESC has already consulted with other UAE Emirates to meet ICS to specifications. Absolute security is never achieved, but the more people and organizations that try to stop the bad guys, the better.
Leave a Reply