DFSA’s TIP Warns Against Growing Cyber Risks

Dubai Financial Services Authority (DFSA) had launched the DFSA Cyber Threat Intelligence Platform (TIP) in January, in which over 130 DFSA Authorized Firms and DIFC registered companies have joined the platform. The platform has provided members with information and technical indicators on a multitude of cyber threats, with an average of 160 new threats per week.

Since launching, TIP has collected information on threat actors targeting the MENA region, especially the United Arab Emirates (UAE). The most prominent threats affecting categories include: the direct targeting of banking customers in order to obtain credit card data and banking credentials; ransom ware attacks and; the targeting of the finance sector by cybercriminal syndicates.

The DFSA has observed an increase in attacks leveraging known and new malware and a soaring number of newly registered malicious domains referencing COVID-19 since March 2020. At the same time, many financial institutions were forced to rapidly implement remote working practices at an unprecedented scale. Consequently, there was an increase in attacks targeting remote access and teleworking infrastructure in the hope of exploiting hastily deployed systems.

Phishing attacks through email, SMS and other messaging applications remain a common attack vector targeting financial institutions and their customers. Detailed technical information on recent cyber threats that can affect firms operating in the DIFC and around the world can be found on TIP.

“We strongly encourage firms to cooperate and share information about cyber threats. Cyber security is a shared responsibility, which we believe can best be addressed through public-private partnerships. We understand that our involvement with firms and other regulatory and professional associations is essential for building cyber security awareness among our stakeholders. We take, and will continue to take, a proactive approach to sharing knowledge, educating stakeholders and supporting companies in building their cyber resilience in line with the National Cyber security Strategy,” noted Waleed Saeed Al Awadhi, Chief Operating Officer of the DFSA.

In the context of cybersecurity, people tend be any organization’s weakest link and cybercriminals design their campaigns using a variety of social engineering techniques. IT departments may implement a range of technical controls and systems to reduce the risk of a successful cyber-attack. However, these alone may not be effective without sufficient employee cyber awareness. Therefore, education to increase the cyber awareness is one of the most important methods to reduce the risk of falling victim to a cyber-attack.

The DFSA intends to host more of such awareness workshops as well as roundtable discussions. All DIFC companies are encouraged to register with TIP to ensure they receive timely threat information and to join in the fight against cybercrime.