Each UAE firm risks US$1 million to ‘ransom’ attack

By Sheena Amos

CIOs should reinvent digital systems and processes

DUBAI 5 October 2017: The average Middle East organization faces high risk of ransomware attacks, which could cost nearly US$1 million, industry experts commented on the results of a report released ahead of Gitex Technology Week in Dubai.

Since the summer, hundreds of thousands of computers worldwide have been infected by the WannaCry ransomware, a malware that encrypts data and demands ransomware payment via Bitcoin currency, and the Petya ransomware, which encrypts the hard drive.

Worldwide, 30 per cent of companies have had ransomware infections, causing massive costs in sales and productivity, according to a recent survey by Imperva for security firm RSA. Data loss costs an average business $914,000, according to Dell EMC. News reports saying one recent cyberattack cost a shipping company $300 million.

Cybersecurity experts label malware an “arms race”, as hackers develop increasingly complex malware, and security vendors counter with stronger technology defenses.


“WannaCry and Petya malware attacks are not isolated incidents – every Middle East CIO needs to be prepared for malware attacks increasing in quantity and complexity, or risk massive losses,” said Savitha Bhaskar, COO at UAE-based IT infrastructure and information management consultancy and solutions provider Condo Protego.

Among verticals, the services sector is at highest risk of ransomware attacks, bearing the burden of 38 per cent of total attacks, according to a recent report by Symantec. Manufacturing, public administration, and finance and real estate also present high risk.

“The good news for Middle East CIOs is that most of them already have the technology solutions to fortify their cyber defenses. Gitex Technology Week provides the platform to educate Middle East CIOs on the importance of working with specialized cybersecurity channel partners. Partners and clients can reinvent systems and processes to prevent, mitigate, and restore their data, and enhance customer trust,” added Savitha Bhaskar.

End-to-end data center security has intrusion detection, firewalls, whitelisting/blacklisting, rootkit protection, and execution protection. Advanced threat protection can fend off endpoint attacks, and security information event management (Siem) has real-time cybersecurity analysis. Data backup and recovery solutions can restore infected systems.