Gulf countries ‘need early-warning on cyber attacks’
Growing concerns over cybersecurity in the Arab Gulf have pushed Qatar into making it a top research priority alongside water and energy security, a meeting has heard.
But countries in the region will need to cooperate more on sharing data and setting up early warning systems to ward off cyber attacks on key assets, experts have said at the Qatar Foundation Research and Development’s annual research conference in Doha [on 24-25 November 2013].
“Countries are announcing economic wars against each other through cyberspace, so cybersecurity is essential as a defense tool,” said Faisal Al Suwaidi, president of Qatar Foundation Research and Development.
He cited an example from August 2012 when hackers attacked one of world’s largest oil producers, Saudi Aramco, in Saudi Arabia, affecting more than 30,000 workstations. Qatari natural gas company was also hit by a virus that shut down its website and email servers that same month.
Richard DeMillo, chief scientist at the Qatar Computing Research Institute, tells SciDev.Net that researchers are investigating what kind of attacks could be used to shut down the oil and gas industry, the technologies that are being used, and where such attacks originate.
DeMillo says the attack technologies are becoming more and more sophisticated. He calls for an early-warning system to combat cyber attacks, similar to that used for hurricanes.
“If countries cooperate to share early-warning information, it will help us get ahead of the people who want to do us harm.” DeMillo also points to the potential threat hackers pose to smartphones: in the last year global attacks on Android smartphones increased by 600 per cent.
“We need to think of cyber threats like the fight against cancer. It’s not going to be 100 per cent cured, but we will learn enough science to know what the vulnerabilities are,” says DeMillo.
Regional risks and preparedness
Siraj Shaikh, who studies cybersecurity at Coventry University in the United Kingdom, tells SciDev.Net that companies in Saudi Arabia at risk from cyber attack include those in construction, finance, government departments, the media and transport.
He says potential cyber conflict could arise from Saudi Arabia’s political positions on Iran, Israel, Syria and Yemen, and there is the threat of non-state actors such as the Syrian Electronic Army — a group of hackers who support the Syrian president Bashar al-Assad.
Groups like these are multiplying in the region and represent a “cause for concern”, he says, but adds that Oman, Qatar, and the United Arab Emirates have already invested heavily in cybersecurity over the last decade and have tried to adopt the security models of western countries.
Saudi Arabia has also invested a great deal over the last twenty years to promote training in computer technologies — particularly for young people — and to improve broadband and infrastructure, says Shaikh.
But he warns that its cybersecurity ambitions could be frustrated by a lack of coordination among government ministries and a lack of leadership to coordinate a national cybersecurity strategy.
Saudi Arabia needs a national policy to insure that it invests as much in security as in developing its telecommunication networks, he says.
(Reproduction of the original article http://www.scidev.net/global/technology/news/gulf-countries-need-early-warning-on-cyber-attacks.html under a Creative Commons Attribution License)