Global cyber crime costs are expected to increase by nearly 15 per cent on a yearly basis over the next four years to reach $10.5 trillion annually by 2025, from $3tn in 2015, California research company Cybersecurity Ventures has said.
Cyber criminals have taken note of successful tactics from this year, including those making headlines tied to ransomware, nation states, social media and the shifting reliance on a remote workforce.
Industry experts expect them to pivot those into next year's campaigns and grow in sophistication, wielding the potential to wreak more havoc across industries.
“Over this past year, we have seen cyber criminals get smarter and quicker at retooling their tactics to follow new bad actor schemes – from ransomware to nation states – and we don’t anticipate that changing in 2022,” Raj Samani, fellow and chief scientist of the combined company formed after the merger of McAfee Enterprise and FireEye, said.
“With the evolving threat landscape and continued impact of the global pandemic, it is crucial that enterprises stay aware of the cyber security trends so that they can be proactive and actionable in protecting their information,” Mr Samani said.
The National looks at the top 10 cyber security trends of the year ahead:
Weaponising operational technology environments
Cyber criminals could weaponise operational technology environments to harm or kill humans in the next four years, the Connecticut-based technology research and consulting company Gartner has said.
The OT is a type of computing and communication system – including both hardware and software – that controls industrial operations, mainly focusing on the physical devices and processes they use. It is used to gather and analyse data in real time, which is further used to monitor a manufacturing unit or to control equipment.
Various industries, such as telecoms and oil and gas, use OTs to ensure different devices work in co-ordination.
Attacks on OT environments have evolved from “immediate process disruption” such as shutting down a plant – for example in the recent Colonial Pipeline ransomware attack that took down the largest fuel pipeline in the US – to compromising the “integrity of industrial environments” with intent to cause physical or reputational harm, Gartner said.
Remote working brings new challenges
Remote working spurred by the Covid-19 pandemic could compound cyber threats in 2022.
Home devices that employees use to access office networks are usually not subject to the same security restrictions as corporate devices. This complicates efforts to control and monitor employees’ digital behaviour, applications and data outside traditional firewalls, industry analysts said.
Geopolitical cyber concerns pose growing risks
Some state actors will launch cyber attacks because they are “cheap, reliable, portable, easily hidden and hard to detect”, Moody’s Investors Service said in a report earlier this year.
The state-sponsored attacks threaten reputational damage, cause disruption of work flow and loss of intellectual property.
“Entities that find themselves the targets of these attacks could experience substantial credit damage,” the rating agency had said at the time.
Use of social media for attacks
While using social media to target victims is not a new strategy, it is relatively uncommon. It demands a level of research to engage the vulnerable target into interactions and establish fake profiles.
“The targeting of individuals has proven a very successful channel and we predict the use of this vector could grow not only through espionage groups, but [also] other threat actors looking to infiltrate organisations for their own criminal gain,” McAfee Enterprise and FireEye said in its cyber threats predictions for 2022.
Cryptocurrency exchanges to experience an increase in attacks
Cryptocurrency exchanges experienced a 10-fold increase in attacks in the first half of the year compared with the prior year period, said a report by cyber threat intelligence company PhishLabs, although it did not disclose the exact number of attacks.
The majority of the cryptocurrency attacks were orchestrated through social media.
“We anticipate cryptocurrency businesses will continue to be aggressively targeted by threat actors through social media in future … [it is] due to a majority of their activity and communication taking place through social platforms,” the report said.
Hackers pulled off the biggest cryptocurrency heist yet on August 10, stealing $613 million in digital coins from token-swapping platform Poly Network, only to return $260m worth of tokens less than 24 hours later.
Phishing attacks
Phishing typically comes in the form of fraudulent emails or pop-up messages that aim to obtain personal information from victims, such as credit card details and sensitive data, including personal identification numbers, usernames and passwords.
Phishing emails may also secretly install malicious software or malware in victims' computers. Such nefarious installations may be a virus or spyware designed to collect more information, which could lead to further fraud.
API becoming a lucrative target
Internet of Things and 5G traffic between API (application programming interface) services and apps will make them increasingly lucrative targets, causing unwanted exposure of information.
The connected nature of APIs potentially also introduces additional risks to businesses as they become an entry vector for wider supply chain attacks, McAfee Enterprise and FireEye said.
“In most cases, attacks targeting APIs go undetected as they are generally considered as trusted paths and lack the same level of governance and security controls.”
Cyber security talent crunch
The coming year will prove to be the most challenging one yet with regards to the continuing cyber security talent crunch, said the US cyber security firm BeyondTrust.
“Some drivers of this supply-demand imbalance include the accelerated adoption of hybrid cloud and digital transformation initiatives, post-pandemic projects ramping up and budgets becoming available for spend,” it added.
Rise of ransomware
The use of ransomware has picked up pace and became more dangerous in 2021. It will continue its rapid rise next year and its variations will increase with the frequency of attacks.
“Organisations must stop trying to prevent adversaries’ missions and instead prevent them from being worthwhile,” said Marty Edwards, vice president of operational technology at Columbia-headquartered cyber security company Tenable.
“In other words, organisations must make sure these missions cost too much to conduct. If the reward doesn’t cover the cost of the investment, threat actors won’t pursue it,” he added.
Cloud migration poses threat
Nearly half of the organisations moved business-critical functions to the cloud as a direct result of the pandemic, said Tenable.
However, cloud migration requires specific considerations that will likely be overlooked in 2022. For instance, detecting and preventing malicious activity in the cloud is a lot different, said Bob Huber, chief security officer at Tenable.
“And this can be further complicated by the nuances of working with cloud providers, as well as other company stakeholders looking to rapidly adopt new services in the cloud.
“Unless organisations educate their entire teams, not just security teams, about securing the cloud, they will inevitably pay the price as their migration accelerates,” said Mr Huber.
Who are the Soroptimists?
The first Soroptimists club was founded in Oakland, California in 1921. The name comes from the Latin word soror which means sister, combined with optima, meaning the best.
The organisation said its name is best interpreted as ‘the best for women’.
Since then the group has grown exponentially around the world and is officially affiliated with the United Nations. The organisation also counts Queen Mathilde of Belgium among its ranks.
UAE currency: the story behind the money in your pockets
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3EName%3A%3C%2Fstrong%3E%20Carzaty%2C%20now%20Kavak%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%3Cbr%3E%3Cstrong%3ELaunch%20year%3A%20%3C%2Fstrong%3ECarzaty%20launched%20in%202018%2C%20Kavak%20in%20the%20GCC%20launched%20in%202022%3Cbr%3E%3Cstrong%3ENumber%20of%20employees%3A%3C%2Fstrong%3E%20140%3Cbr%3E%3Cstrong%3ESector%3A%3C%2Fstrong%3E%20Automotive%3Cbr%3E%3Cstrong%3EFunding%3A%20%3C%2Fstrong%3ECarzaty%20raised%20%246m%20in%20equity%20and%20%244m%20in%20debt%3B%20Kavak%20plans%20%24130m%20investment%20in%20the%20GCC%3C%2Fp%3E%0A
UAE central contracts
Full time contracts
Rohan Mustafa, Ahmed Raza, Mohammed Usman, Chirag Suri, Mohammed Boota, Sultan Ahmed, Zahoor Khan, Junaid Siddique, Waheed Ahmed, Zawar Farid
Part time contracts
Aryan Lakra, Ansh Tandon, Karthik Meiyappan, Rahul Bhatia, Alishan Sharafu, CP Rizwaan, Basil Hameed, Matiullah, Fahad Nawaz, Sanchit Sharma
GROUP RESULTS
Group A
Results
Ireland beat UAE by 226 runs
West Indies beat Netherlands by 54 runs
Group B
Results
Zimbabwe tied with Scotland
Nepal beat Hong Kong by five wickets
Key facilities
- Olympic-size swimming pool with a split bulkhead for multi-use configurations, including water polo and 50m/25m training lanes
- Premier League-standard football pitch
- 400m Olympic running track
- NBA-spec basketball court with auditorium
- 600-seat auditorium
- Spaces for historical and cultural exploration
- An elevated football field that doubles as a helipad
- Specialist robotics and science laboratories
- AR and VR-enabled learning centres
- Disruption Lab and Research Centre for developing entrepreneurial skills
Getting there
Flydubai flies direct from Dubai to Tbilisi from Dh1,025 return including taxes
PROFILE OF SWVL
Started: April 2017
Founders: Mostafa Kandil, Ahmed Sabbah and Mahmoud Nouh
Based: Cairo, Egypt
Sector: transport
Size: 450 employees
Investment: approximately $80 million
Investors include: Dubai’s Beco Capital, US’s Endeavor Catalyst, China’s MSA, Egypt’s Sawari Ventures, Sweden’s Vostok New Ventures, Property Finder CEO Michael Lahyani
The%20specs
%3Cp%3E%3Cstrong%3EEngine%3A%3C%2Fstrong%3E%201.8-litre%204-cyl%20turbo%0D%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E190hp%20at%205%2C200rpm%0D%3Cbr%3E%3Cstrong%3ETorque%3A%3C%2Fstrong%3E%20320Nm%20from%201%2C800-5%2C000rpm%0D%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3ESeven-speed%20dual-clutch%20auto%0D%3Cbr%3E%3Cstrong%3EFuel%20consumption%3A%3C%2Fstrong%3E%206.7L%2F100km%0D%3Cbr%3E%3Cstrong%3EPrice%3A%3C%2Fstrong%3E%20From%20Dh111%2C195%0D%3Cbr%3E%3Cstrong%3EOn%20sale%3A%20%3C%2Fstrong%3ENow%3C%2Fp%3E%0A
Killing of Qassem Suleimani
UAE SQUAD
Mohammed Naveed (captain), Rohan Mustafa, Ashfaq Ahmed, Rameez Shahzad, Shaiman Anwar, Mohammed Usman, Mohammed Boota, Zawar Farid, Ghulam Shabber, Ahmed Raza, Sultan Ahmed, Imran Haider, Qadeer Ahmed, Chirag Suri , Zahoor Khan
UAE currency: the story behind the money in your pockets
Moon Music
Artist: Coldplay
Label: Parlophone/Atlantic
Number of tracks: 10
Rating: 3/5
Tell-tale signs of burnout
- loss of confidence and appetite
- irritability and emotional outbursts
- sadness
- persistent physical ailments such as headaches, frequent infections and fatigue
- substance abuse, such as smoking or drinking more
- impaired judgement
- excessive and continuous worrying
- irregular sleep patterns
Tips to help overcome burnout
Acknowledge how you are feeling by listening to your warning signs. Set boundaries and learn to say ‘no’
Do activities that you want to do as well as things you have to do
Undertake at least 30 minutes of exercise per day. It releases an abundance of feel-good hormones
Find your form of relaxation and make time for it each day e.g. soothing music, reading or mindful meditation
Sleep and wake at the same time every day, even if your sleep pattern was disrupted. Without enough sleep condition such as stress, anxiety and depression can thrive.
Results
6.30pm: Al Maktoum Challenge Round-2 Group 1 (PA) US$75,000 (Dirt) 1,900m
Winner: Ziyadd, Richard Mullen (jockey), Jean de Roualle (trainer).
7.05pm: Al Rashidiya Group 2 (TB) $250,000 (Turf) 1,800m
Winner: Barney Roy, William Buick, Charlie Appleby.
7.40pm: Meydan Cup Listed Handicap (TB) $175,000 (T) 2,810m
Winner: Secret Advisor, Tadhg O’Shea, Charlie Appleby.
8.15pm: Handicap (TB) $175,000 (D) 1,600m
Winner: Plata O Plomo, Carlos Lopez, Susanne Berneklint.
8.50pm: Handicap (TB) $135,000 (T) 1,600m
Winner: Salute The Soldier, Adrie de Vries, Fawzi Nass.
9.25pm: Al Shindagha Sprint Group 3 (TB) $200,000 (D) 1,200m
Winner: Gladiator King, Mickael Barzalona, Satish Seemar.
Switching%20sides
%3Cp%3EMahika%20Gaur%20is%20the%20latest%20Dubai-raised%20athlete%20to%20attain%20top%20honours%20with%20another%20country.%0D%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EVelimir%20Stjepanovic%20(Serbia%2C%20swimming)%20%3C%2Fstrong%3E%0D%3Cbr%3EBorn%20in%20Abu%20Dhabi%20and%20raised%20in%20Dubai%2C%20he%20finished%20sixth%20in%20the%20final%20of%20the%202012%20Olympic%20Games%20in%20London%20in%20the%20200m%20butterfly%20final.%20%0D%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EJonny%20Macdonald%20(Scotland%2C%20rugby%20union)%20%3C%2Fstrong%3E%0D%3Cbr%3EBrought%20up%20in%20Abu%20Dhabi%20and%20represented%20the%20region%20in%20international%20rugby.%20When%20the%20Arabian%20Gulf%20team%20was%20broken%20up%20into%20its%20constituent%20nations%2C%20he%20opted%20to%20play%20for%20Scotland%20instead%2C%20and%20went%20to%20the%20Hong%20Kong%20Sevens.%20%0D%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ESophie%20Shams%20(England%2C%20rugby%20union)%20%3C%2Fstrong%3E%0D%3Cbr%3EThe%20daughter%20of%20an%20English%20mother%20and%20Emirati%20father%2C%20Shams%20excelled%20at%20rugby%20in%20Dubai%2C%20then%20after%20attending%20university%20in%20the%20UK%20played%20for%20England%20at%20sevens.%20%0D%3C%2Fp%3E%0A
Adele: The Stories Behind The Songs
Caroline Sullivan
Carlton Books
Benefits of first-time home buyers' scheme
- Priority access to new homes from participating developers
- Discounts on sales price of off-plan units
- Flexible payment plans from developers
- Mortgages with better interest rates, faster approval times and reduced fees
- DLD registration fee can be paid through banks or credit cards at zero interest rates
Lexus LX700h specs
Engine: 3.4-litre twin-turbo V6 plus supplementary electric motor
Power: 464hp at 5,200rpm
Torque: 790Nm from 2,000-3,600rpm
Transmission: 10-speed auto
Fuel consumption: 11.7L/100km
On sale: Now
Price: From Dh590,000
How to register as a donor
1) Organ donors can register on the Hayat app, run by the Ministry of Health and Prevention
2) There are about 11,000 patients in the country in need of organ transplants
3) People must be over 21. Emiratis and residents can register.
4) The campaign uses the hashtag #donate_hope
KILLING OF QASSEM SULEIMANI
%3Cp%3E%3Cstrong%3EDirector%3A%3C%2Fstrong%3E%20Nag%20Ashwin%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3EPrabhas%2C%20Saswata%20Chatterjee%2C%20Deepika%20Padukone%2C%20Amitabh%20Bachchan%2C%20Shobhana%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E%E2%98%85%E2%98%85%E2%98%85%E2%98%85%3C%2Fp%3E%0A
England's all-time record goalscorers:
Wayne Rooney 53
Bobby Charlton 49
Gary Lineker 48
Jimmy Greaves 44
Michael Owen 40
Tom Finney 30
Nat Lofthouse 30
Alan Shearer 30
Viv Woodward 29
Frank Lampard 29
ESSENTIALS
The flights
Emirates flies from Dubai to Phnom Penh via Yangon from Dh2,700 return including taxes. Cambodia Bayon Airlines and Cambodia Angkor Air offer return flights from Phnom Penh to Siem Reap from Dh250 return including taxes. The flight takes about 45 minutes.
The hotels
Rooms at the Raffles Le Royal in Phnom Penh cost from $225 (Dh826) per night including taxes. Rooms at the Grand Hotel d'Angkor cost from $261 (Dh960) per night including taxes.
The tours
A cyclo architecture tour of Phnom Penh costs from $20 (Dh75) per person for about three hours, with Khmer Architecture Tours. Tailor-made tours of all of Cambodia, or sites like Angkor alone, can be arranged by About Asia Travel. Emirates Holidays also offers packages.
Which products are to be taxed?
To be taxed:
Flavoured water, long-life fruit juice concentrates, pre-packaged sweetened coffee drinks fall under the ‘sweetened drink’ category
Not taxed
Freshly squeezed fruit juices, ground coffee beans, tea leaves and pre-prepared flavoured milkshakes do not come under the ‘sweetened drink’ band.
Products excluded from the ‘sweetened drink’ category would contain at least 75 per cent milk in a ready-to-drink form or as a milk substitute, baby formula, follow-up formula or baby food, beverages consumed for medicinal use and special dietary needs determined as per GCC Standardisation Organisation rules
More from our Neighbourhood series:
