Cyberattacks on UAE’s small businesses on rise in Q1 of 2022

The first quarter of this year witnessed a rise in cyberattacks on the small and medium businesses in the UAE, Kaspersky, a multi-national cybersecurity and anti-virus provider based in Moscow, said.

In its latest report released on May 31, Kaspersky said there has been increase in the number of disclosures of breaches of passwords and other information for 45% of small businesses in the Emirates compared to the corresponding period in 2021.

While the number of breaches were around 110,195 this year, some 75,846 such incidents took place in 2021. This Trojan allows the hackers to enter the network of organizations and steal information.

Other common attack methods targeting small businesses in 2022 include Internet attacks, specifically through web pages that redirect users to other pages to entrap them, sites containing vulnerabilities, as well as other malware, command and control centers, for managing botnets, and others, the report said.

The number of internet attacks in the first three months of 2022 remained about the same as last year, with Kaspersky researchers detecting 367,261 attacks compared to 378,730 attacks in the same period in 2021.

RDP Protocols

With the shift towards remote work, many companies have begun employing Remote Desktop Protocol (RDP), a technology that enables computers on the same network to communicate together remotely, and the total number of attacks targeting desktop protocol has decreased slightly.

As a result, companies welcome the return of employees to office work. In the first three months of 2021, there were 5.5 million attacks, while in the same period in 2022 the number fell to 3.6 million.

Denis Barinov, a security researcher at Kaspersky, stressed the need to develop security measures to support the complex settings associated with switching to remote work.

Despite the introduction of many advanced technologies into the daily operations of small companies, cybercriminals are making more progress, to the point that almost every company will face an attempt to hack into.

At some point, the issue is no longer related to the possibility of security incidents, but rather when they will occur, which makes the presence of trained and specialized information technology employees a necessity in business development, the report said.