DFSA alerts institutions to increased risk of cyberattacks

DFSA alerts institutions to increased risk of cyberattacks

DUBAI, 28th July, 2020 (WAM) -- Since the Dubai Financial Services Authority, DFSA, launched the DFSA Cyber Threat Intelligence Platform, TIP, in January, over 130 DFSA Authorised Firms and Dubai International Financial Centre registered companies have joined the platform.

The platform has provided members with information and technical indicators on a multitude of cyber threats, with an average of 160 new threats per week.

Since launching, TIP has collected information on threat actors targeting the MENA region, especially the UAE. The most prominent threats affecting the finance sector fall into three primary categories: the direct targeting of banking customers in order to obtain credit card data and banking credentials; ransomware attacks; and, the targeting of the finance sector by cybercriminal syndicates.

The DFSA has observed an increase in attacks leveraging known and new malware and a soaring number of newly registered malicious domains referencing COVID-19 since March. At the same time, many financial institutions were forced to rapidly implement remote working practices at an unprecedented scale. Consequently, there was an increase in attacks targeting remote access and teleworking infrastructure in the hope of exploiting hastily deployed systems.

Phishing attacks through email, SMS, and other messaging applications remain a common attack vector targeting financial institutions and their customers, DFSA said, adding that detailed technical information on recent cyber threats that can affect firms operating in the DIFC and around the world can be found on TIP.

Waleed Saeed Al Awadhi, Chief Operating Officer of the DFSA, said, "We strongly encourage firms to cooperate and share information about cyber threats. Cyber security is a shared responsibility, which we believe can best be addressed through public-private partnerships. We understand that our involvement with firms and other regulatory and professional associations is essential for building cyber security awareness among our stakeholders. We take, and will continue to take, a proactive approach to sharing knowledge, educating stakeholders and supporting companies in building their cyber resilience in line with the National Cybersecurity Strategy."