Cyber attacks are likely to rise during times of confusion and fear, increasing their chances of succeeding, guidelines from Abu Dhabi authorities have warned.
The Abu Dhabi Emergencies, Crises and Disasters Management Centre informed the public of common cyber threats, reasons for the increase in cyber attacks and signs of suspicious messages and links in the Guidelines for Cybersecurity Awareness during Emergencies.
One section of the guidelines, issued last week, lists the possible motivations behind the surge in hacking attempts and computer crimes.
“Exploiting fear and confusion among individuals”, it said, leads to “rushed digital decision-making without adequate verification”.
The spread of rumours, the document warns, also increases fear, which raises mental fatigue, making it more likely that people will click on nefarious links or provide personal information that could lead to hacking.
The warnings about increased cyber vigilance echo those made shortly after February 28, when the US and Israel attacked Iran. Within hours of those strikes, cyber security analysts warned of an increase in potential cyber attacks from Iran and groups seeking to take advantage of the situation.
Maher Yamout, a lead researcher for cyber security company Kaspersky, said bad actors were also using AI to exploit geopolitical tension. “We’re seeing attackers use AI to automate reconnaissance, generate highly convincing phishing messages and create deepfake content at scale,” he told The National. “Whether with a specific target in mind or even just to create widespread fear and confusion during tense times.”
Mr Yamout added that AI was “lowering the barrier to entry” and making it easier and more economical for cyber crime groups to try to compromise systems all around the world. “Anyone can abuse these capabilities, making cyber attacks more widespread than ever before,” he warned.
On Monday, Microsoft's Threat Intelligence division said phishing campaigns, which can manipulate people into clicking links that may extract and compromise data, also continue to be a popular attack method.
“Phishing campaigns continue to improve refinement in blending social engineering, delivery and hosting infrastructure, and authentication abuse to remain effective against evolving security controls,” the company said.
Between April 14 and 16, Microsoft's security research team said it tracked phishing campaigns “targeting more than 35,000 users across over 13,000 organisations in 26 countries”. Microsoft did not say from where the phishing campaigns originated and pointed out the difficulty of doing so.
“Analysis of the sending infrastructure indicated that the campaign emails were sent using a legitimate email delivery service, likely originating from a cloud-hosted Windows virtual machine,” a blog post detailing the phishing attacks said.
