Saudi cyber-security authority to thwart attacks, improve regulations
22/12/2017 Argaam Special
by Jerusha Sequeira
The recent establishment of a cyber-security authority in Saudi Arabia will boost the Kingdom’s regulatory environment and its response to cyber-attacks, analysts told Argaam.
“There is no denying that effective cyber-security is no longer a luxury but a vital necessity critical to the stability of any country, both economically as well as politically. The establishment of the new authority and linking it directly to the King is a clear signal that the leadership recognizes this and is committed to making significant improvements in that area,” said Wael Fattouh, Middle East Partner – Cyber and Technology Risk, at consultancy PwC.
Some of the benefits that PwC expects to see from the new authority are more robust regulations, improved security for the Kingdom’s critical infrastructure, as well as programs to attract and develop local talent in the field, he added.
Saudi Arabia in November launched the National Authority for Cyber Security and appointed Minister of State Musaed Al-Aiban as its chairman.
The authority’s board includes the head of state security, the head of intelligence, the deputy interior minister, and the assistant minister of defense.
“Establishing an authority for cyber security is a logical and critical step in establishing a coordinated inter-agency prevention and response capability to cyber-crime,” said Will Brown, Director at Control Risks Middle East.
However, while establishing a country-wide authority is the right step, organizations will need to manage their internal processes and procedures to avoid becoming complacent or reducing their own cyber programs to compliance-based checklists against the authority's eventual standard, Brown told Argaam.
Over the past year, several Saudi government agencies have reported being targeted by cyber-attacks.
In October, the General Entertainment Authority said that its website had been hit by cyber-attacks from outside the Kingdom.
In January this year, the Human Resources Fund (Hadaf) was hit by an attack. The same month, the Saudi telecoms authority warned organizations to be on alert for the Shamoon virus, which disrupts computers by wiping their disks. The virus crippled thousands of computers at state-owned Saudi Aramco in 2012.
According to analysts, cyber-attacks on Saudi organizations tend to be politically motivated, and the Kingdom and neighboring GCC countries are often seen as soft targets.
“There is an increased level of politically motivated cyber-attacks due to the current situation in the region and the attractiveness of Saudi Arabia to organized criminals who seek financial gains, due to the high level of wealth and low level of awareness and maturity in most of the population,” PwC’s Fattouh said.
US-based cybersecurity company FireEye in a report last week said it observed an attacker using an exploit for the Microsoft Office vulnerability to target “a government organization in the Middle East.”
FireEye said it believed the activity was carried out by a suspected Iranian cyber espionage threat group, APT34. The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, largely focusing its operations within the Middle East.
Cyber-criminals in the region see the GCC and Saudi Arabia as an affluent, yet relatively poorly defended environment, making them an “easy target,” Brown from Control Risks noted.
“Saudi Arabia's involvement in regional conflicts such as Yemen and Syria, combined with its long-standing religious and political significance, has also increased the intent of politically motivated and state-sponsored cyber-attacks. Increasing political tensions between Saudi Arabia and Iran are also likely to manifest in increased cyber-attacks in the region,” he added.
Meanwhile, the Kingdom’s plans to build a fully-automated $500 billion megacity, NEOM, will also present challenges from a cyber-security perspective.
In an automated environment, it is crucial that operational technology – such as the elements controlling the delivery of utilities – be secured against attack, manipulation, and control, Brown said.
“Cyber security consideration must be designed into NEOM from the outset, reviewed, challenged and constantly updated. Retro-fitting security into the initiative will reduce its effectiveness and cost the government significantly more,” he added.