As virtual footprints of organizations have continued to expand multi-fold during the coronavirus pandemic, instances of carding, data exposure, and hacktivism have escalated to become the highest-rated digital risk categories in 2020, impacting almost all major industry verticals in the Middle East region, the first-ever Digital Risk Protection report by Help AG, the cybersecurity arm of Etisalat Digital, has revealed.
Help AG’s security analysts saw a 500% jump in risk alerts for carding from January to June 2020 compared to the same period in 2019. Carding refers to the trafficking of credit cards, bank accounts, and other personal information online. The massive five-time increase in carding alerts was observed through scans of public sources including information sharing platforms and deep web sources with data compiled by botnets and underground markets. Findings comprised all possible details including recovery date, BIN code, card number, card expiry, source, card brand, card type, issuing bank, and country of the issuer. The top impacted sectors include aviation, logistics, and retail.
Data Leak or Data Exposure
During the initial months of COVID-19, Help AG’s security analysts witnessed a staggering 3X (183%) jump in threat alerts related to data exposure. Data leakage refers to the intentional (malicious intent) or unintentional (human error) exposure of confidential documents, corporate emails, and documents with sensitive metadata on official channels of an organization and the dark web for subsequent unauthorized use and exploitation for malicious purposes. The alarming increase was identified as a result of continuous monitoring of documents and file repositories on information sharing platforms, official portals of organizations, and the dark web through Help AG’s Digital Risk Protection service. The top impacted sectors include healthcare, government, aviation, logistics, retail, and energy and utilities.
Help AG’s security analysts observed a nearly 50% increase in hacktivism risk alerts following analysis of monitored hacker groups’ advertisements on social networks (hacktivist profiles and groups), media (local, sectorial, and syndicalist), petition and signature platforms, information sharing platforms and manifestos (pastes). Hacktivism is an open challenge among cybercriminals to take down a normal business by causing disruption. The top impacted sectors include healthcare, government, aviation, logistics, retail, and energy and utilities.
For organizations, the biggest impacts of these major digital risks range from service disruptions to exposure of private information intended for confidential use for future business goals, loss of reputation and trust established with customers and partners, inability to ensure compliance against regulatory requirements, and ultimately a dent in the success of digital transformation initiatives. It is important to note that the risks affect a wide audience of stakeholders from board and executive management levels to legal, marketing, risk, compliance, governance, and operations.
“The impact of the pandemic is very clear as we compare risk alerts with the corresponding number of alerts in 2019 in our first-ever Digital Risk Protection report,” Stephan Berner, Chief Executive Officer at Help AG, said.
“These high rated threats are an unfortunate reality of the COVID-19 era, hence knowing and guarding against your enemy is now more important than ever before. At Help AG, the leading cybersecurity provider in the region, we are fully geared to manage digital risks for our customers and ensure a secure but sustainable digital presence in the cyber world. Our report details the various risks organizations must be aware of as well as all aspects of digital risk protection covering proactive identification, validation, response, and remediation. The risk management cycle is never-ending but remains critical for business continuity.”