Kuwait is stepping up efforts to strengthen its cybersecurity credentials, amid ongoing threats to its digital services.
Two Kuwaiti companies were the targets of recent hacking attempts, according to a report published in late September by Unit 42, a division of US cybersecurity firm Palo Alto Networks.
The report stated that throughout May and June this year, hackers attacked a shipping and transportation firm using a backdoor tool called Hisoka. After gaining access to the system, several other Customs tools were downloaded to carry out post-exploitation activities.
Comparative analysis of the attack linked it to a similar hack on a government organisation between July and December last year. While there were no direct infrastructure overlaps between the two campaigns, Unit 42 analysis suggests that the activities are likely to be linked.
The new revelations follow the high-profile cybersecurity issue faced by Kuwaiti financial institution Gulf Bank in March, which resulted in the bank losing KD2.8m ($9.2m).
See also: The Report – Kuwait 2018
National Cybersecurity Strategy
To combat the threat of cybercrime, Kuwait has outlined a series of measures to improve its defensive capabilities.
In 2017 the government released its National Cybersecurity Strategy 2017-20, which includes plans to improve the cybersecurity landscape across technical, legal, regulatory and administrative dimensions.
The strategy, which also mandated for the creation of the National Cybersecurity Centre, saw authorities undertake a risk assessment analysis of 45 critical national infrastructure stakeholders, with a view to providing solutions to any perceived weaknesses or shortcomings.
Furthermore, in a sign of the growing recognition of the importance of online security in Kuwait, the country will host the second Gulf Cybersecurity Conference and Exhibition on November 13 and 14, and the fourth KIACS Cybersecurity Conference on December 1 and 2.
The recent attention has helped Kuwait’s global standing in terms of online protection. The country ranked 67th out of 175 countries globally and sixth out of 22 regionally in the 2018 Global Cybersecurity Index, released by the UN’s International Telecommunication Union, a considerable jump from 138th in the 2017 ranking.
Nevertheless, the country still has plenty of room for improvement, and in mid-2018 IT security company Trend Micro named it as the most vulnerable to cyberattacks in the GCC, jointly with the UAE.
“We often assume that smaller countries like Kuwait face fewer cybersecurity threats than larger countries. The reality, however, is that we are often targets of sophisticated attacks,” Ahmad Marouf, managing partner of Kuwaiti IT service management company Diyar United, told OBG. “Given the amount of wealth in the region, companies and governments alike are prime targets for hackers.”
Energy and financial sectors most at risk
As companies and governments continue to migrate their services online, the heightened risk of cybercrime has been concentrated in two specific sectors, namely, energy and financial services. This poses significant questions for Kuwait, given its reliance on hydrocarbons revenue.
A report released last year by the Siemens and Ponemon Institute found that around half of all cyberattacks in the Middle East targeted oil and gas firms.
While the report concluded that energy companies were not spending enough to secure their operational technology environment, industry figures note that recent cyberattacks in the industry – for example, against industry giant Saudi Aramco – have helped to raise awareness of the need for online protection.
“The oil industry has been more receptive to cybersecurity protection,” Marouf told OBG. “The 2012 Saudi Aramco attack, considered one of the most destructive in history, also played a pivotal role in alerting countries in the region to the importance of cybersecurity and the potentially disastrous consequences of cyberattacks.”
A number of financial services firms have also identified the need to improve their cybersecurity defences.