Carding and data leakage on the rise

As virtual footprints of organizations have continued to expand multi-fold during the coronavirus pandemic, instances of carding, data exposure, and hacktivism have escalated to become the highest rated digital risk categories in 2020, impacting almost all major industry verticals in the Middle East region, the first ever Digital Risk Protection report by Help AG, the cyber security arm of Etisalat Digital, has revealed.

Help AG’s security analysts saw a 500% jump in risk alerts for carding from January to June 2020 compared to the same period in 2019. Carding refers to the trafficking of credit cards, bank accounts, and other personal information online. The top impacted sectors include aviation, logistics, and retail.

During the initial months of COVID-19, Help AG’s security analysts witnessed a staggering 3X (183%) jump in threat alerts related to data exposure. Data leakage refers to the intentional (malicious intent) or unintentional (human error) exposure of confidential documents, corporate emails, and documents with sensitive metadata on official channels of an organization and the dark web for subsequent unauthorized use and exploitation for malicious purposes. The top impacted sectors include healthcare, government, aviation, logistics, retail, and energy and utilities.

Help AG’s security analysts observed a nearly 50% increase in hacktivism risk alerts following analysis of monitored hacker groups’ advertisements on social networks (hacktivist profiles and groups), media (local, sectorial, and syndicalist), petition and signature platforms, information sharing platforms and manifestos (pastes). The top impacted sectors include healthcare, government, aviation, logistics, retail, and energy and utilities.

For organizations, the biggest impacts of these major digital risks range from service disruptions to exposure of private information intended for confidential use for future business goals, loss of reputation and trust established with customers and partners, inability to ensure compliance against regulatory requirements, and ultimately a dent in the success of digital transformation initiatives. It is important to note that the risks affect a wide audience of stakeholders from board and executive management levels to legal, marketing, risk, compliance, governance, and operations.

To help address these challenges, Help AG’s Digital Risk Protection service, under our Managed Security Services, safeguards organizations’ brands from misuse whilst protecting social media and digital channels from business risks and security threats. The service offers a comprehensive solution against external cyber threats, covering the entire life cycle from early detection to final resolution. In order to further protect customers, Help AG has also activated a “Special COVID Monitoring Plan” that includes a combination of special keywords with the aim to detect any mentions of its customers as well as detecting changes in the tendencies of posts on social media.

“The impact of the pandemic is very clear as we compare risk alerts with the corresponding number of alerts in 2019 in our first ever Digital Risk Protection report,” Stephan Berner, Chief Executive Officer at Help AG, said. “These high rated threats are an unfortunate reality of the COVID-19 era, hence knowing and guarding against your enemy is now more important than ever before.”

Berner said, “Our report details the various risks organizations must be aware of as well as all aspects of digital risk protection covering proactive identification, validation, response, and remediation. The risk management cycle is never ending but remains critical for business continuity.”