Gulf countries ‘need early-warning on cyber attacks’

Tuesday, 7 January 2014 11:18 GMT

* Any views expressed in this article are those of the author and not of Thomson Reuters Foundation.

Growing concerns over cybersecurity in the Arab Gulf havepushed Qatar into making it a top research priority alongside water andenergy security, a meeting has heard.

But countries in the region will need to cooperate more on sharing data and setting up early warning systems to ward off cyber attacks on key assets, experts have said at the Qatar Foundation Research and Development’sannual research conference in Doha last month (24-25 November).

Countries are announcing economic wars against each other through cyberspace, so cybersecurity is essential as a defense tool, said Faisal AlSuwaidipresident of Qatar Foundation Research and Development.

“If countries cooperate to share early-warning information, it will help us get ahead of the people who want to do us harm.”

Richard DeMillo, Qatar Computing Research Institute 

He cited an example from August 2012when hackers attacked one of world’s largest oil producers, Saudi Aramco, in Saudi Arabia, affecting more than 30,000 workstations. Qatari natural gas company was also hit by a virus that shut down its website and email servers that same month.

Richard DeMillo, chief scientist at the Qatar Computing Research Institute,tells SciDev.Net that researchers areinvestigating what kind of attacks could be used to shut down the oil and gas industry, the technologies that are being used, and where such attacksoriginate.

DeMillo says the attack technologies are becoming more and more sophisticated. He calls for an early-warning system to combat cyber attacks, similar to that used for hurricanes. 

“If countries cooperate to share early-warning information, it will help us get ahead of the people who want to do us harm.”

DeMillo also points to the potential threat hackers pose to smartphones: in the last year global attacks on Android smartphones increased by 600 per cent.

“We need to think of cyber threats like the fight against cancer. It’s not going to be 100 per cent cured, but we will learn enough science to know what the vulnerabilities are,” says DeMillo.

Regional risks and preparedness

Siraj Shaikh, who studies cybersecurity at Coventry University in the United Kingdomtells SciDev.Net that companies in Saudi Arabia at risk from cyberattack include those in construction, finance, government departmentsthe media and transport

He says potential cyber conflict could arise from Saudi Arabias political positions on IranIsrael, Syria and Yemen, and there is the threat of non-state actors such as the Syrian Electronic Army — a group of hackers who support the Syrian president Bashar al-Assad.

Groups like these are multiplying in the region and represent a “cause for concern”, he says, but adds that Oman, Qatar, and the United Arab Emirateshave already invested heavily in cybersecurity over the last decade and have tried to adopt the security models of western countries

Saudi Arabia has also invested a great deal over the last twenty years to promote training in computer technologies  particularly for young people and to improve broadband and infrastructure, says Shaikh.

But he warns that its cybersecurity ambitions could be frustrated by a lack of coordination among government ministries and a lack of leadership to coordinate national cybersecurity strategy. 

Saudi Arabia needs a national policy to insure that it invests as much in security as in developing its telecommunication networks, he says.