SOC, TI and IR posts

Whispers from the Dark Web Cave. Cyberthreats in the Middle East

Table of Contents

The Kaspersky Digital Footprint Intelligence team analyzed cybersecurity threats coming from dark web cybercriminals who targeted businesses and governments in the Middle East in H1 2024. Our research highlights the most severe and pervasive threats, and identifies potential risks and consequences as well as defensive strategies.

The report covers threats that targeted entities in the following countries and territories:

  • Bahrain;
  • Egypt;
  • Iraq;
  • Jordan;
  • Kuwait;
  • Lebanon;
  • Oman;
  • Palestine;
  • Qatar;
  • Saudi Arabia;
  • Syria;
  • United Arab Emirates.

The five prevalent cybersecurity threats in the Middle East covered in the report are related to:

  • The activities of ideological pirates, or hacktivists. The region has seen exponential growth in these due to the current geopolitical situation, and they are getting ever more destructive.
  • The shadow jewelry fair, or the initial access broker market. Initial access brokers deal in attack entry points for corporate networks, which attract hackers and cybercrime gangs.
  • Deadly sandworms, or ransomware gangs. At least 19 gangs were active in the Middle East in H1 2024, conducting multiple ransomware attacks that typically led to devastating consequences.
  • The ubiquity of malicious whistleblowers, or information stealers. They provide adversaries with up-to-date data for future attacks, especially valid credentials for corporate systems. Almost 10 million lines of stolen credentials belonging to Middle Eastern entities were published on the dark web in H1 2024 alone. The figure includes 4.4 million lines of access information stolen from key government agencies.
  • Cave raiders who steal sensitive data from corporations and other targets and distribute it among cybercriminals. A quarter of all data breaches affect various government organizations.

Staying aware of all possible risks coming from the dark web helps organizations and governments to be one step ahead of cybercriminals and thus, to prevent attacks or fraud that could compromise their network infrastructure or operational integrity.

Out report will be beneficial for:

  • C-level managers;
  • Corporate security employees;
  • Risk management professionals;
  • Cyberthreat Intelligence (CTI) and SOC analysts;
  • Incident response professionals;
  • OSINT and darknet researchers.

To get the full version of the report please fill in the form below.



Whispers from the Dark Web Cave. Cyberthreats in the Middle East

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2024

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

BlindEagle flying high in Latin America

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Subscribe to our weekly e-mails

The hottest research right in your inbox