Muscat: Oman should brace for more ransomware attacks; the Sultanate’s Computer Emergency Response Team (CERT) and specialists in the country have said.
“There is a possibility of more attacks in Oman and the malware used to infect computers may be updated and attack other systems,” said Badr Al Salehi, director general of Oman’s CERT. Top consultancy firm Ernst and Young (EY) has also warned Omani institutions to expect more ransomware attacks, which crippled hundreds of thousands of computers around the globe.
“There is an immediate threat to systems. It is important that all organisations in Oman install (programme) updates as soon as possible. If there is any organisation that has not updated, then the worm can enter through that organisation and target others,” Mohammed Nayaz, partner, IT Risk and Resilience at EY, said.
Although Oman’s cyber infrastructure has remained unscathed, government institutions proactively closed down websites and e-services, buying valuable time to secure systems against a possible malware infection. “The malware is currently searching the internet for vulnerable systems and the spread of malware is likely to intensify. It is advised to take immediate appropriate action,” Nayaz added. After a series of cyber-attacks on British hospitals, WannaCry 2.0 spilled across to other sectors and countries in the world within hours.
Oman has handled more than 16,000 cyber attacks this year, which is a result of millions of attempts from all over the world, and critical national infrastructure has been the most sought-after target. “There is also an increased attack via ransomware and email blackmailing,” according to Al Salehi.
“The reason cyber-attacks will intensify is because the attackers tend to underestimate countries in the Middle East,” said Dr. Saqib Ali, associate professor at the Sultan Qaboos University’s Information Systems Department. “They think the countries here are soft targets because their security systems are not as developed as those in the United States or Europe.
“But Oman’s prevention mechanisms are pretty good, so I don’t think there are going to be many problems. A lot of people work behind the scenes in the government, they have anti-fraud teams, very good ICT infrastructure over the last 10 years, and all the Omanis employed in this sector are experts in their field.”
Arnold Santos of the Systems Department at the Military Technology College of Oman said, “In Oman, a large section of the population is below the age of 30 and they use the internet indiscriminately,” he explained. “People here are not aware of the effects of ransomware, and they tend to panic and comply with the attackers’ demands because they are scared and don’t know the consequences.
“There needs to be a culture of awareness towards cyber-attacks, because they can really harm businesses, almost irreversibly,” said Tim Marjason, managing director of Marjason Consulting and Training, a company that advises business on enforcing the right security measures.
“For example, when a new employee joins, part of the training by the HR (Human Resource) Department is to show him how to secure his system and all he works with from attacks, because all it takes is one bad system in an organisation to infect the rest.”
“Right from the top, there have to be resources allocated to security systems,” added Marjason, who was speaking at the Business Continuity and Emergency Response Middle East Forum, which is currently being held in Muscat.
“It’s very easy to say that your company is not worthy of an attack, but these can occur indiscriminately, and the attack may take place in five years’ time, or within a day, so you cannot afford to be complacent against cyber attacks.”
Nayaz suggested that companies patch a critical update “MS17-010” from Microsoft for all systems in the network immediately and block all domains related to the WannaCry Ransomware attack. “The main issue with the spread of the malware is due to the absence of a Microsoft patch MS17-10, which once patched will help stop and fortify the systems against these attacks,” added Nayaz.
“Companies need to update their antivirus software to identify threats from ransomware and ensure signatures related to detecting typical intrusive activities being updated to spot this vulnerability or exploit.”
Ways to remain safe
Do not open emails from unknown senders.
Do not open suspicious attachments from unknown senders.
Avoid including hyperlinks in emails unless you have communicated it earlier.
Do not click on links in emails unless you are expecting the email to contain a link. If you are unsure, double-check with the sender.
Avoid running macros, embedded within a document.
Make sure your Microsoft security updates are enabled.
If already infected, disconnect the computer from the network so that other computers are not affected.
To get in touch: [email protected] / [email protected]