Four years ago, I predicted that Middle East will witness new era of cyber espionage and cyber-attacks. Many IT specialists and system administrators and even policymakers didn’t believe what I said.
Now, I can say with confidence that what I was talking about is not comparable to what is happening right now. The latest revelations by Edward Snowden on NSA spying and surveillance capability confirmed the real situation, especially in Middle East region. Our region is vulnerable to all types of cyber-attacks and cyber espionage due to our dependence on western technology, which is sometimes deeply embedded inside our critical infrastructure.
This year Kaspersky labs revealed shocking details related to cyber espionage group that linked to Stuxnet and other sophisticated malware such as DUQU and Flame. All those malware or persistent threats targeted Middle East countries. Kaspersky called the latest revelation “Equation Group Malware”. The most important part in the revelation proves that this group managed to infect “HDD firmware” to spy on victims with sophisticated tools. The malware or the infection tools are hidden from antivirus software, which make the discovery impossible by normal tools used by victims to protect their systems.
According to Kaspersky labs, the infected Hard Drives are located in government and private sectors. But what is notable is the critical departments such as Telecoms, Nuclear research, Military and Oil. What made me think twice are the Military departments and also what Kaspersky called “Islamic Activists”.
The map below shows that Middle East countries are infected with this sophisticated espionage malware!
When it comes to cyber espionage we shouldn’t forget that we live in cyberwar era, in which players are looking for victory. Kaspersky is a Russian based cybersecurity company founded by Eugene Kaspersky. Kaspersky himself studied at KGB related institution and Bloomberg accused him that he has ties with Russian spies! But Kaspersky denied.
If Kaspersky is really making hypes or trying to create victory, it doesn’t mean that they don’t do great job in the cybersecurity arena. It also doesn’t mean that NSA is not spying on all countries around the world especially Middle East. Ironically, Kaspersky itself got infected with a sophisticated malware derived from Stuxnet! It means that NSA and its partners are hacking everyone which is now confirmed by the intercept.
It’s war. If we don’t treat cybersecurity as national security, we will lose every battle!
Cyber security expert and host of a television show? It is not every day that we come across an IEEE volunteer involved in these two distinct fields. Dr. El Guindy is a frequent blogger on Middle East cyber security issues, human rights, digital surveillance and cyber threats. In addition, he publishes whitepapers on critical issues related to technology and Middle East. Furthermore, he is the author of variety of books, study guides and IT courses in English and Arabic which are approved by international reputable organizations. Dr. El Guindy was involved in developing Arabic booklets for an Internet Awareness Project “Saleem Net” in Saudi Arabia. Mohamed is an authority in the filed of cybercrime study in the Middle East and his contributions cited in UN reports and university research around the world.
Dr. Eddie Custovic, the Editor-in-Chief of GOLDRush, interviewed Dr. Mohamed N. El-Guindy
New Senior Member and ISSA Egypt Chapter President Mohamed N. El-Guindy has taken to the airwaves, interviewed with newspapers and magazines, participated in NGOs and governmental initiatives, and much more in his struggles to advance the state of cybersecurity in Egypt and the region, and his efforts are starting to pay off ISSA asked El-Guindy if he would be willing to comment on the state of infosec in Egypt, some of the challenges Egypt faces, what he has been doing to improve the environment, and his advice to other ISSA chapter leaders. Here is what he had to say:
Read full interview, click here
“This interview was taken from the February 2015 issue of the ISSA Journal©. It has been made available with permission of ISSA international™. Published monthly, the Journal is an ISSA members-only benefit. For more information, visit www.issa.org,” or email Editor@issa.org.