Report: Egypt ranks fourth in its commitment to digital security in the Middle East


Kaspersky Russian Center researchers closely monitored the Advanced Persistent Threats (APT) landscape in Egypt, and prepared 38 investigative reports relating to 12 digital gangs actively targeting the country since the outbreak of the pandemic in 2020.

According to the Global Digital Security Index, Egypt ranked fourth in the Middle East and North Africa region in its commitment to digital security, which confirms the government’s keenness to continue improving its security capabilities.

The reports included information on threats and investigations related to digital gangs targeting Egypt, which ranks third in the number of reports issued by all Middle Eastern countries, making it one of the most targeted countries in the region.

Kaspersky found that these gangs primarily target government institutions and diplomatic agencies as well as educational institutions and telecommunications companies in the country.

Other targets include financial institutions, IT companies, healthcare organizations and law firms. The notorious digital gangs behind the APTs investigated in Egypt included Lazarus, MuddyWater, Zebrocy, StrongPity and SideCopy.

The research team found that “public application exploits”, “valid accounts” and “phishing” were the most common attack vectors targeting infrastructures in Egypt. The Lazarus gang, for example, is notorious for conducting targeted phishing campaigns and “watering hole” attacks, in which highly frequented websites are monitored and seeded with malware.

The Middle Eastern espionage gang MuddyWater targeted government agencies, telecom companies and oil companies with the aim of extracting information, using hacked accounts to send phishing emails with attachments directed at specific targets.

The Zebrocy Trojan is used in digital espionage campaigns to collect raw data from compromised systems, while the StrongPity gang is responsible for spying campaigns that use “zero-day” attacks, social engineering tricks, and Trojan installers to deliver malware to its victims. The SideCopy gang, in turn, carries out malware attack campaigns targeting various entities for espionage purposes.

Abdelsabour Arous, a security researcher in Kaspersky’s Global Research and Analysis Team, emphasized that threats are becoming more and more complex every day, saying that investigating and reporting on the activity of these digital gangs “allows us a broad and in-depth view to understand their motives and movements, which enables us to provide relevant stakeholders with knowledge they need to stay safe from its dangers.” “There is an urgent need for various organizations to stay informed of the latest developments, allowing security teams to anticipate the next steps of attackers and take appropriate steps to protect themselves against future incidents,” he added.

For her part, Nouf Al-Qahtani, Senior Analyst for Cyber Security Threats at STC, stressed that employees in any company are the “first line of defense” against digital attacks, adding that they “bear part of the responsibility” in protecting data, which is one of the most important institutional assets.

She said it is essential that companies provide appropriate training in digital security for all their employees and familiarize them with safe ways to operate devices and share data internally and externally, and to understand the evolving nature of digital crime, in order to fortify that line of defense.

The security expert added: “Employees who are familiar with the principles of digital security know what the features of danger alerts look like when the company’s networks, devices and information are under threat. As for the second line of defense after employees, I see it represented in the threat intelligence, which companies and institutions must be keen to provide.”

AI, Internet of Things, Blockchain, Fintech, and 5G networks continue to gain momentum across the public and private sectors in Egypt. Increasing internet connectivity is often associated with an increase in digital threats, so the country has prepared itself for even the most challenging digital security attacks by putting digital security at the forefront of its digital transformation efforts.

Kaspersky monitors APT gangs and provides interested parties with access to the results of investigations and discoveries, including complete technical data available in a range of formats, of each APT gang as soon as it appears. Kaspersky cooperates with and shares information with legal authorities to track down the gangs behind such attacks and bring their members to justice.

