Assad Arabi
Building on the momentum of the FIFA World Cup to drive continued success, Qatar’s digital transformation is leading its government, corporations and people towards an innovative future. The Qatar National Vision (QNV) 2030 is focused on making the country “an advanced society capable of sustaining its development and providing a high standard of living for its people” by the end of the decade. But given the natural extensive reliance on advanced technology to get us to the finish line, the path is fraught with all of digitization’s attendant challenges; cyberthreats are the chief among them.
Qatar is among the most mature nations when it comes to cybersecurity. Its ranking in the International Telecommunications Union’s (ITU) 2020 Global Cybersecurity Index (GCI) was 27th globally out of 194 nations, and fifth in the middle east. But unfortunately, cyberthreat actors have never shrunk from targeting nations and organizations that are well protected as per the index. Trend Micro 2022 Midyear Roundup report recorded that in Qatar, Trend Micro detected and blocked more than 2.1 million email threats, some 2.2 million malicious URL victim attacks, and 14,512 URL hosts.
In post-COVID-19 Qatar, with so many organizations having migrated to the cloud, the complexity and lack of visibility in IT environments present problems for Chief Information Security Officers (CISOs) and Security Operation Centres (SOCs), and opportunities for their adversaries. In our recently published “Future Tense – Trend Micro 2023 Security Predictions” report, we reveal that security professionals now face an expanding attack surface with human elements to address on both sides of a cyber-attack. Four areas emerge for urgent re-evaluation in 2023.
1. Users
Hybrid work has now embedded itself. SOCs must make the move from point solutions to holistic postures as more employees work in uncontrollable home and remote offices. To protect end users, everyone from the SOC to the C-suite needs an individualized, comprehensive view of the digital estate. This view will relate directly to compliance issues and remind everyone of their responsibilities as they go about their daily routines.
2. Adversaries
Cyber-crime is now a sophisticated industry, albeit an illegitimate one. Ransomware has evolved to become RansomOps. Ransomware-as-a-Service (RaaS) is offered to nefarious end-users. While Qatar’s progress on security may mean better-equipped analysts and more vigilant legislators, threat actors are adaptable. In 2023, they will further refine their playbooks. To combat them, security teams must be proactive. Rather than waiting to see what the enemy does, it is important to implement holistic solutions that automate everyday tasks and reduce the incidence of false positives so that the security function can move quickly and effectively against genuine threats and only genuine threats.
3. Old vectors
While cyber-criminals hunker down to improve their methods they will not exactly be on hiatus. Expect the re-emergence of old exploits as attackers look for a quick win. In the coming year, they will leverage outdated protocols and devices that should have been decommissioned but nonetheless remain in service. Look out for these old gambits to be disguised by the latest social-engineering techniques using modern capabilities such as deepfakes. Others may twist living-off-the-land attacks to mount “living-off-the-cloud” incursions.
4. Transformative innovations
Interest in the Metaverse and NFTs has raised the profile of blockchain technology, which offers a hiding place for attackers from security professionals and law enforcement. And as open-source software becomes increasingly popular, expect more Log4Shell-style attacks.
