Cyber attacks will get violent in the future
Security expert at telecom company du warns about evolving online crimes, urging people ‘to anticipate the worst’
DUBAI // The next wave of cyber attacks will attempt to take human lives, according to a senior officer at the telecommunications operator du. Although the country was taking steps to establish better protection against attacks on critical national infrastructure, Tamer El Bahey, who is the senior director of security monitoring and operations at du, said more investment was needed for detecting and responding to incidents.
“In the evolution of cyber attacks, we started from those that caused annoyance to people. Then we moved to those that would disrupt network and services on organisations,” he said.
“Now, we are in the era of attacks where most information is exposed. Credit card information is being stolen and we should anticipate the worst.” Mr El Bahey, who addressed an audience at Intersec in Dubai yesterday, said such new attacks would involve hacking remote devices.
“For example, you can disable a car’s brakes or engine while it is moving or a pacemaker in hospitals, which would play with configuration and cause death to patients,” he said.
“There are lots of attacks against critical national infrastructure like one that happened in Australia, where they hacked into the water system and started to release untreated water into the water stream.
“So imagine if someone released poisonous chemicals into the water stream of people and they got seriously sick and died.” Matthew Cochran, chairman of Defence Marketing Services Council in Abu Dhabi, said the threat level was growing.
“There is a lack of cyber se- curity awareness and many of the things that people must be aware of are things like access control,” he said.
“It’s not about physical access control any more. It’s about your mobile device and anything that’s connected to the internet. The internet brings great possibilities but also, if unchecked, could bring new threats that we haven’t seen; and that will start with the telecommunications and network security.”
The UAE’s National Electronic Security Authority is taking strict measures to counter such threats.
“In the UAE, we use a lot of technology,” Mr El Bahey said. “The UAE is now establishing these kinds of controls, telling people they need to make sure their critical national infrastructure [must] be protected, resilient and can absorb these kinds of attacks. It is leading in the Middle East and the Gulf.”
Simon Williams, global business continuity manager at National Bank of Abu Dhabi, said the UAE was well prepared for any attack but there was no room for complacency.
“We need to identify critical infrastructure and it should be the focus of our investment,” Mr El Bahey said.
“We need to better invest in detection and incident-response capabilities. Prevention isn’t working or helping any more. We need to balance the investment because 85 per cent is invested by the industry in preventive controls, while just 15 per cent on detective and incident response. We need to have a fair share between the two.”
The UAE’s National Electronic Security Authority is taking strict measures to counter cyber threats