Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks

November 25, 2024

The Middle East has been an active battleground for cyberattacks of all kinds in 2024, making it an ideal setting for examining current cyberattack trends and what regional governments can do to defend against them. Attacks against governments, by hacktivists and by state-backed actors, have accounted for 25% of all reported attacks in 2024, many of them targeting Israel, including both ransomware and wiper programs such as the BiBi Wiper. After governments, public infrastructure such as the oil, gas, and transportation sectors were the next biggest targets. Many of those attacks made use of vulnerabilities in operational technology, such as the use of the CVE-2024-9463 command injection vulnerability in Palo Alto Networks’ Expedition platform.

The exploitation of zero-day vulnerabilities in general has been one of the biggest changes in 2024. Vulnerabilities have always been an issue, but the speed with which new vulnerabilities are identified and mercilessly exploited by threat actors is unprecedented. In the case of the recent CVE-2024-4577, within days of its identification threat actors were using it as an attack vector to propagate the TellYouThePass ransomware. Even when vulnerabilities are patched, new techniques such as downgrade attacks are forcing these vulnerabilities open again, as happened with the Terrapin attack which made use of CVE-2023-48795.

The good news is that regional governments in the Middle East are rising to the challenge of growing cyber threats, which is natural when the average cost of a single cyberattack is as large as 8.75 million USD, much higher than the global average. Qatar, Saudi Arabia, and Oman have all set up new cybersecurity initiatives, such as Saudi Arabia’s Essential Cybersecurity Controls and Qatar’s National Cybersecurity Strategy. New, stricter regulations are being rolled out to require organizations to prioritize data security, incident response, and compliance. It is strongly recommended that organizations in the region, in addition to complying with these regulations, should accelerate patch management, strengthen their supply chain security, and enhance regional collaboration with governments and other organizations.

More from Blackwired

December 9, 2024

The Shocking Speed of AWS Key Exploitation

AWS keys exposed online are exploited in minutes, highlighting the need for faster detection and response to prevent breaches.

Read more
December 2, 2024

Advanced Cyberthreats Targeting Holiday Shoppers

The holiday season sees increased e-commerce scams, with AI-driven phishing, fake sites, and data theft targeting consumers and businesses.

Read more
November 18, 2024

Safeguarding Healthcare Organizations from IoMT Risks

IoMT devices are vital but vulnerable, risking data breaches and patient safety; Zero Trust and network segmentation are key solutions.

Read more