MOVEit Transfer hack: What steps Middle East firms can adopt to counter attacks


A cyberattack on hundreds of banks, consultancies, legal companies, and energy giants in the US and UK has been ongoing since late May through a hack of MOVEit Transfer, a tool used by corporations and enterprises to share large files over the internet.

The FIN11 hacker group — focusing on ransomware and extortion — has been listing the names of victim organizations on their shaming site since mid-June.
While this attack hasn’t reached the region, organizations in the Middle East can stay one step ahead by adopting a “requirements-driven approach,” according to Jamie Collier, Senior Threat Intelligence Advisor at Mandiant, an American cybersecurity firm and a subsidiary of Google.

In an interview with Al Arabiya English, Collier said threat intelligence teams operate in resource-constrained environments. Yet the scale of cyber threats organizations face has never been greater, with recent research from Mandiant finding that 79 percent of security decision-makers make decisions without adversary insights the majority of the time.

Organizations that implement a ‘requirements-driven approach’ can significantly improve an intelligence program’s efficiency, utility, and value.

“It requires, though, a very clear strategy,” said Collier, a leader in threat intelligence with expertise gained on the frontlines of cyber security.

Collier added that, in simple terms, “it is crucial for an intelligence team to always focus on what their organization needs — these are called ‘requirements.’ A Cyber Threat Intelligence (CTI) team should start with these requirements and use them as a guide for all their work, from data collection to sharing insights with others.”

“When a report is completed and shared with the relevant people, the team should get feedback and revisit their initial requirements to ensure continuous and consistent improvement.”

According to Collier, the focus should always be on meeting the needs of the stakeholders and re-evaluating their requirements.

“This process never really ends, and it should be flexible and adaptable. If done right, it will help set standards, improve security, and make intelligence a key part of an organization’s security.”

Collier said intelligence teams can build far more tailored intelligence products if they understand the unique context of their organization.

“For instance, if an intelligence team knows that a vulnerability management team is struggling to prioritize their patching efforts, reports on actively exploited vulnerabilities within an organization’s sector and region can provide dramatic efficiencies,” he said.

Regional trends in the growth of cybersecurity

“Companies and individuals in the Middle East are regularly targeted with phishing and spear phishing attacks. Everyone living in the region will be familiar with the fake text messages pretending to be from the Central Bank or the Police, attempting to trick you into giving away your bank details,” Renze Jongman, Threat Intelligence Advisor (MEA), Mandiant, told Al Arabiya English.

“But the problem is bigger than just small-time fraud,” he said. “For example, well-organized criminals, but also state-sponsored actors will target individuals with fake employment opportunities. Equally, companies looking for unique skill sets are often targeted with fake resumes. As soon as a recruiter opens the file, malware will be installed on the system.”

He continued, “Targeting specific companies or industries allows cybercriminals to zoom in on high-value targets, and espionage actors to collect classified and confidential information on very specific topics. After all, people looking for a new job will gladly talk about the work they have previously done.”

Mandiant recently published its M-Trends 2023 report, with insights on trends in the cyber threat landscape. The research shows that spear phishing (a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim) is the single most used attack vector (a way for attackers to enter a network or system) in EMEA, while the use of exploit kits, used to automatically leverage vulnerabilities on a user’s system, is most likely to be used elsewhere in the world.

Jongman explained the ramifications of the MOVEit Transfer attack and the international incidents in the Middle East.

“The ransomware group FIN11, also known as Cl0P, is attacking organizations that use the MOVEit Transfer Software from Progress Software. Thousands of organizations use the software to securely transfer their files, including organizations in the Middle East,” Jongman told Al Arabiya English.

FIN11’s modus operandi is to scan the internet for organizations that use the software and then try to exploit a vulnerability that Progress discovered in May. If they are successful, they steal the data they find on the server and use it to extort the victim organization. FIN11 threatens to publish the stolen data online if organizations don’t pay the ransom.

“Attacks like these extend far beyond the organizations that lose their data: this problem also impacts average people. The volume of personally identifiable information that was stolen is significant, and once the data is leaked, other cybercriminals could download the data for identity theft, fraud, and phishing: a significant problem, especially in the Middle East,” said Jongman.

He said that organizations using MOVEit Transfer Software should take immediate measures to protect their data and customers.

“Progress Software released a series of patches that should be applied immediately. Mandiant has published a guide with additional guidance to help companies protect themselves.”

Almarai signs multiple agreements to localize jobs through training and recruitment programs

Almarai signed a cooperation memorandum with the Food Industries Polytechnic, the Transport General Authority, and the Saudi Logistics Academy to localize jobs in the food and beverages sector through training and rehabilitation programs ending in employment. This came within the first international conference on the labor market, organized by the Ministry of Human Resources and Social Development on 13 – 14 December 2023 at the King Abdulaziz Convention Center in Riyadh.

“These agreements are part of Almarai’s corporate program for the social responsibility to achieve localization in the food industry sector, which is one of the top priorities of the comprehensive strategic plans in Almarai, especially since the company is one of the largest working environments in the kingdom, with more than 9,000 Saudi employees, including more than 900 Saudi female employees,” Fahad Aldrees, Chief Human Resources Officer of Almarai, said.

He added that the agreements signed to train and qualify young people are part of the integrated initiatives and training and rehabilitation programs for national human resources in Almarai. He pointed out that the company provided about half a million employee training hours during 2022, raising its retention rate to 90% during 2022.

It is worth mentioning that Almarai is the world’s largest vertically integrated dairy company, and the largest food and beverage producer and distributor in the Middle East. Almarai was ranked among LinkedIn’s top 15 Saudi companies for professional career development for 2022.

SEBA Bank rebrands to AMINA Bank and continues to write its success story

a fully licensed Swiss crypto bank, announced today its new brand identity: AMINA Bank AG. The group operates globally from its regulated hubs in Zug, Abu Dhabi and Hong Kong, offering its clients traditional and crypto banking services.

SEBA Bank made history in 2019 by becoming one of the first FINMA-regulated institutions to provide crypto banking services. This rebrand marks a new chapter for the company, which has proudly been in operation for more than four years. AMINA Bank is inspired by the same trailblazing ambition to lead the way for its clients and to write its own future as a Swiss-regulated crypto bank offering services to its traditional and crypto savvy clients around the globe.

The name ‘AMINA’ stems from the term ‘transAMINAtion’, meaning transference of one compound to another. AMINA is a brand driven by perpetual change, bringing together the various ‘compounds’ of traditional, digital, and crypto banking to unlock new potential and growth for our clients. This vision of change represents the transformation of our clients’ financial future.

Franz Bergmueller, CEO of AMINA, said: “We are delighted to introduce the world to our new brand identity. While we say goodbye to the SEBA name, we remain forever proud of the achievements made by the group under the former brand.

“Our brand signifies a new era in the company’s growth and strategy; we are a key player in crypto banking and are here to define the future of finance. With our client-focused approach, our years of traversing traditional and crypto finance, we offer a platform for investors to build wealth safely and under the highest regulatory standards.”

“We are grateful to be encouraged by our supportive and committed investors who have been very helpful, supporting the growth of the company. We thank our employees in all the regions for their dedication and client focus. As we look forward to 2024, our ambition is to accelerate the growth of our strategic hubs in Switzerland, Hong Kong, and Abu Dhabi, and to continue our global expansion, building on all the successes we have laid down over the past years.”

Current clients of AMINA Bank (formerly SEBA Bank) will be unaffected by the rebrand other than encountering the new name; all operations will be business as usual across the board. The branch office based in Abu Dhabi and the subsidiaries in Hong Kong and Singapore will subsequently apply for a name change to align with the head office in Zug.

Uptime Appoints Mustapha Louni Chief Business Officer

Uptime Institute is pleased to announce the appointment of Mustapha Louni to the position of Chief Business Officer, a role specifically created to drive strategic leadership and client success. In this new role, Mr. Louni will assume responsibility for the global Uptime sales and marketing organizations and drive overall business value for all Uptime clients. He will retain his existing responsibilities overseeing operations in the Middle East, India, Africa, and the Asia Pacific regions.

In this elevated capacity, Mr. Louni is poised to play a pivotal role in driving Uptime’s next phase of global expansion through strategic initiatives to enhance market awareness of the dramatically expanding global service lines and delivery capabilities of Uptime that uniquely support the global data center industry in its pursuit of ever higher performance through elevated availability, resiliency, sustainability, and cyber-security of digital infrastructure. Louni’s appointment renews and expands Uptime Institute’s 30-year commitment to advancing excellence in the data center sector on a global scale.

“Today we are experiencing the next phase of the one-time, planetary transformation from analog to digital. This unprecedented, once-in-a-generation growth in data center demand is primarily driven by continuing cloud adoption, the new promise of AI, and the demonstrable fact that hybrid digital infrastructure is here to stay for the foreseeable future,” said Martin McCarthy, CEO, Uptime Institute. “These complex and nuanced market demands require a visionary talent like Mustapha Louni. He is someone who can not only deftly manage specific aspects of the business but also remain ahead of accelerating changes and trends. He continues to earn client trust and respect by timely delivery on demanding commitments while he also inspires and energizes colleagues and clients alike. I am delighted to announce Mr. Louni’s new position and know that he will continue to expand the impact that he has already brought to Uptime since his arrival.”

In 2014, Mr. Louni joined the Uptime organization in the United Arab Emirates, leveraging his extensive experience from roles at Panduit and Schneider Electric in Paris and Dubai. As the company’s first commercial resource in the Middle East and Africa region, Mr. Louni played a pivotal role in expanding Uptime’s presence. Within a year, he successfully established what became and remains Uptime’s fastest growing regional office. Under his leadership, Uptime has extended his impressive trajectory of growth in MEA to the Asia-Pacific regions, augmenting the Uptime workforce with dedicated team members spanning more than a dozen countries across these regions. A new Uptime office has been inaugurated in Riyadh, Kingdom of Saudi Arabia (KSA) this year, further fortifying the company’s ability to meet its commitment to sustained growth and excellence and serve clients in critical, accelerating markets for digital infrastructure.

Uptime Institute began development of its proprietary and now globally recognized Tier Standards and its Tier Certifications 30 years ago to ensure that the mission critical computing needs of all organizations could be met with confidence and understood by executive management. Since that time, Uptime Tier Certification as well as other Uptime offerings including assessments and awards in digital infrastructure for ensuring business performance in areas of management and operations, risk and resilience, sustainability, and more recently cyber-security have gained global adoption. Uptime’s expanding success is based on delivering a unique business service that is based upon unparalleled engineering excellence and technical mastery, while remaining vendor independent and technology agnostic.
