Browsing 'cyber security' News

Celebrating Safer Internet Day (SID) on 6th February, Ministry of Transport and Communications (MoTC) signed a MoU with Vodafone to ensure cyber security.

As per Dean and CEO of Northwestern University Qatar (NU-Q), Dr. Everette E Dennis, the case of QNA hacking was a planned disinformation formulation and circulation, to instigate regional and international insecurity, creating an anti-Qatar sentiment, which further became the basis of diplomatic blockade by GCC countries.

After the information attack caused by QNA hacking, Qatar is taking special measures to prevent cyber-attacks. In the same direction, the Qatar government has dedicated the year as Safer Internet Year. The MoU with Vodafone follows in sync to strengthen cyber safety initiatives.

The 2018 SID is themed “Create, connect and share respect: A better Internet starts with you”. It is a call for action from every stakeholder to play their part in ensuring safe internet surfing, focussing on youngsters being the most vulnerable people.

Vodafone, as partner on cyber safety initiatives is committed itself to double its efforts on creating a secure internet surfing. Vodafone has already been delivering creative and engaging workshops in 10 schools covering 1000 students. With the formal MoU with MoTC, it will now work on number of cyber security initiatives to ensure continuous and effective awareness.

Vodafone has launched AmanTECH in 2014, which equipped thousands of children, parents and teachers with the right tools to navigate the digital world safely. Their team is now committed that the program in long run will provide people in Qatar with everything they need to know and do for their children in today’s ever-expanding digital world.

Mohammed Al Yami, Director of External Affairs, Vodafone Qatar stated that they “look forward to working closely with the Ministry to reach even more people,” as a partner ensuring cyber security.

The ministry is already working with number of programs such as Haseen, SafeSpace, Ammen Taslam (#Secure4Safety), Ethical Responsibility in a Digital World, SID, and the Digital Literacy Curriculum carried out in collaboration with the Ministry of Education & Higher Education, which will now completed by Vodafone.

The workshops initiated till now in schools has gained immense response. Further such programmes may prove extremely helping in educating youngsters about the various cyber issues and promoting safe internet surfing.

Photo for illustrative purposes only.

Shehan Peruma/Flickr

Photo for illustrative purposes only.

Technology firm Cisco has called for companies in Qatar to focus on earlier detection of cyber attacks, as the threat from sophisticated hackers continues to cause concern both within the region and further afield.

According to the company’s 2015 Midyear Security Report, which analyzes cyber security trends, private and government organizations need to put adequate measures in place to counter attacks, focusing on early discovery so that affected systems can be restored as soon as possible.

In a statement, Mohammad Hammoudi, Cisco Qatar’s general manager, said:

“The technology industry must up (its) game and provide reliable and resilient products and services, and the security industry must provide vastly improved capabilities for detecting, preventing, and recovering from attacks. Organizations in Qatar cannot just accept that compromise is inevitable, even if it feels like it today.”

Cisco’s report lists current methods used by hackers and writers of malware (software designed to infect computers), highlighting the exploitation of Adobe Flash and a return to the infection of Microsoft Office macros as particular areas of concern.

It also said that while spam is increasing in the US, China and Russia, volumes appear to be relatively stable in the Middle East this year.

‘Weak links’

Qatar has been the victim of several high profile Domain Name System Services (DNS) attacks in recent years, with attackers managing to reroute website requests for 10 key domains in Qatar, including the Ministry of Interior, Ooredoo Qatar and the Ministry of Foreign Affairs.

Photo for illustrative purposes only.

Yellow Filter/Flickr

Photo for illustrative purposes only.

Last year, The Emerging Cyber Threats 2014 report published by the Qatar Computing Research Institute (QCRI) – a private, non-profit organization that is part of Qatar Foundation – warned of a number of weak links in the state’s cyber security.

Meanwhile, a Safe Cities index published in January this year put Doha in 31st place out of 50 world cities in terms of its online security, well behind Gulf neighbor Abu Dhabi, which came in 9th position.

New governmental controls

Cisco’s report also argued that many governments aren’t yet ready to deal effectively with constantly evolving threats, and suggested that rules governing how private data is collected and shared continue to remain a key hurdle.

Photo for illustrative purposes only

Fernando Filho/Flickr

Photo for illustrative purposes only

Acting on these concerns, Qatar’s Cabinet announced in March that two new bodies designed to investigate possible online threats would be created.

The National Center for Cyber Security and National Committee for Information Security will monitor and follow up on cyber threats on government entities, and carry out the government’s  National Cyber Security Strategy.

The Cabinet also approved a draft decision to improve protection for personal data online, which would prevent companies from using such information for marketing purposes without the users’ permission.

Future threats

2013 Syrian Electronic Army hack

Syrian Electronic Army

2013 Syrian Electronic Army hack

Speaking to Doha News in 2013, Qatar Computing Research Institute (QCRI) chief scientist Richard De Millo said the most significant digital dangers to Qatar involved “advanced persistent threats,” which are large, sustained cyber attacks typically backed by states or sizable organizations.

Along with the Syrian Electronic Army, this includes organized crime groups and activist organizations such as Anonymous.

“The bad guys are well-funded and innovating technologically very fast. Countries that want to respond need to have an innovation engine that builds up their technology and public awareness base to protect its critical infrastructure,” De Millo said.

De Millo added that ongoing public awareness is a critical component of preventing future attacks. For example, simple acts such as not opening email attachments from unknown senders and choosing suitably difficult passwords can make a big difference.

“Use common sense, the same way we teach drivers to use common sense when learning how to operate a car,” he said.

Thoughts?

Photo for illustrative purposes only.

Nick Olejniczak/Flickr

Photo for illustrative purposes only.

As part of an ongoing push to improve cyber security, Qatar’s State Cabinet gave the go-ahead yesterday to establish two new bodies that would monitor and investigate possible online threats.

The Cabinet also approved a draft decision to improve protection for personal data online, which would prevent companies from using such information for marketing purposes without the users’ permission.

The move appears to redistribute responsibility for some aspects of cyber security from the Ministry of Information and Communications Technology (ictQatar) to the portfolio of the Ministry of Interior (MOI).

Included in the proposed measures is a plan to set up a new National Center for Cyber Security under MOI. This would monitor and follow up on cyber threats on government entities, and lead coordination with other related organizations in investigating such attacks, according to Qatar News Agency (QNA).

A separate National Committee for Information Security is also expected to be established. This body would carry out the National Cyber Security Strategy, which was drawn up in November last year by ictQatar.

Speaking last year to bankers on the issue, Qatar’s Minister of Communication and Information Technology (ictQatar) Dr Hessa al Jaber outlined the key areas of the strategy:

  • Protecting the country’s critical infrastructure;
  • Applying international standards for limiting cyber security threats;
  • Encouraging the use of secure online services;
  • Raising the capabilities in Qatar in terms of determining cyber threats and dealing with them; and
  • Implementing a legal framework that guarantees a safe cyberspace.

Defined roles

The latest Cabinet decisions appear to better define the roles of the main government entities involved in cyber security, with ictQatar focused on setting policy, while the MOI implements and enforces the rules.

Photo for illustrative purposes only.

projectexploration/Flickr

Photo for illustrative purposes only.

The draft law also includes new measures that would further protect users’ personal information online, by reminding companies responsible for storing and transferring such data of their obligations.

However, no specific details were given about what this entails.

Meanwhile, in a bid to cut down on spam, the Cabinet agreed that personal details cannot be harvested for companies to use for marketing purposes unless prior permission is given by the user.

The MOI has a wide-ranging remit, which includes managing conventional security organizations such as the police, coastguard, airport security, civil defense and public guard.

Its portfolio is now widening to include cyber security enforcement, which includes Qatar’s controversial cybercrime law, which was introduced late last year.

This legislation introduced new penalties for those found guilty of hacking into government networks, posting child pornography and conducting electronic fraud.

The law also contains provisions on “content crimes” that make it illegal to publish “false news” and information that violates the country’s “social values” or “general order.”

However these terms have not yet not been defined, causing concern among journalists and social media users that they could be open to wide interpretation.

More protection

While countries across the world are looking to enhance their online security, Qatar has been singled out recently in a number of reports as needing to employ additional measures.

2013 Syrian Electronic Army hack

Syrian Electronic Army

2013 Syrian Electronic Army hack

The Emerging Cyber Threats 2014 report produced last summer by the Qatar Computing Research Institute (QCRI) – a private, non-profit organization that is part of Qatar Foundation – warned of a number of weak links in the state’s cyber security.

Among these are the many suppliers and consultants that Qatar has hired to increase internet access and connectivity in the country. These consultants often have access to large amounts of sensitive data.

But because supply chain companies may have lower levels of security, they are often targeted by hackers and cyber criminals as an access point to the systems of bigger organizations, the report found.

Other key threats include:

  • Potential attacks on Qatar’s “critical infrastructure” – oil, gas and water;
  • An increasing reliance on hosting information on cloud systems; and
  • A lack of security awareness when using mobile devices such as smartphones and tablets.

Qatar has also fallen victim to a number of attacks on Domain Name System Services (DNS) in recent years. In October 2013, attackers managed to reroute website requests for 10 key domains in Qatar, including the Ministry of Interior, Ooredoo Qatar and the Ministry of Foreign Affairs.

Meanwhile, a Safe Cities index published earlier this year put Doha in 31st place out of 50 world cities in terms of its online security, well behind Gulf neighbor Abu Dhabi, which came in 9th position.

In this category, the report looked at the resources dedicated to ensuring residents can go online without fear of violations of privacy or identity theft; the reliance of a city on digital infrastructure (smart traffic lights etc); frequency of identity theft and the estimated number of computers infected with viruses.

Safety first

For illustrative purposes only.

MarylandGovPics/Flickr

For illustrative purposes only.

Separately, Qatar-based telecoms provider Ooredoo announced yesterday a new way of using mobile technology to help keep family members safe.

It has partnered with Portuguese mobile application development company iMobileMagic to roll out a “family safety” service, based on the developer’s PhoneNear system.

This cloud-based system allows families to log the details of various mobile devices on a dedicated website, which links them on a shared platform.

Aimed for the use by children, elderly or vulnerable people, the service provides a location feed direct to mobile devices, and is also equipped with a panic button that would alert the whole family of any situations.

According to a statement from Ooredoo, other features include a real-time location tracker and pre-set safety spaces such as their home, school and grandparent’s house. If a child moves outside of the safe space, the service triggers an alert to the parents’ phones.

Thoughts?