Since the Dubai Financial Services Authority (DFSA) launched the DFSA Cyber Threat Intelligence Platform (TIP) in January, over 130 DFSA Authorised Firms and DIFC registered companies have joined the platform. The platform has provided members with information and technical indicators on a multitude of cyber threats, with an average of 160 new threats per week.
Since launching, TIP has collected information on threat actors targeting the MENA region, especially the United Arab Emirates (UAE). The most prominent threats affecting the finance sector fall into three primary categories. The categories include: (1) the direct targeting of banking customers in order to obtain credit card data and banking credentials; (2) ransomware attacks; and, (3) the targeting of the finance sector by cybercriminal syndicates.
The DFSA has observed an increase in attacks leveraging known and new malware and a soaring number of newly registered malicious domains referencing COVID-19 since March. At the same time, many financial institutions were forced to rapidly implement remote working practices at an unprecedented scale. Consequently, there was an increase in attacks targeting remote access and teleworking infrastructure in the hope of exploiting hastily deployed systems.
Phishing attacks through email, SMS, and other messaging applications remain a common attack vector targeting financial institutions and their customers. Detailed technical information on recent cyber threats that can affect firms operating in the DIFC and around the world can be found on TIP.
The DFSA launched TIP on 21 January 2020. It is the first financial services regulator-led cyber threat intelligence platform in the region, delivered in collaboration with leading government entities the Dubai Electronic Security Centre (DESC), the National Computer Emergency Response Team for the UAE (aeCERT) and the Computer Incident Response Center Luxembourg (CIRCL). The independent cybersecurity specialist firm, Help AG, was appointed to manage and operate the platform and cybersecurity experts Kaspersky, Palo Alto Networks, and Recorded Future were engaged to contribute to TIP. The platform is available at no cost to all DFSA authorized and DIFC registered companies. DFSA authorized firms can register for TIP via the DFSA ePortal and DIFC registered companies can register through the DIFC ePortal.
As part of the DFSA’s broader efforts to elevate cybersecurity maturity within the DIFC, the DFSA hosted the “DFSA Cyber Threat Intelligence Platform Workshop” for TIP members in April. Help AG conducted the session and provided an overview of threat intelligence, demonstrated how to use and contribute to TIP, and showcased integration methods for advanced users. The DFSA intends to host more of these workshops as well as roundtable discussions. All DIFC companies are encouraged to register with TIP to ensure they receive timely threat information and to join in the fight against cybercrime.