Exploit detections in the Middle East rise 8% in Q2 2022
According to Kaspersky Security Network data, the number of exploits detected in the Middle East increased in Q2 2022 compared to Q1: the company’s security solutions detected 1,258,283 cases in April-June 2022.
Exploits are programs or pieces of code written by cybercriminals that are designed to take advantage of a bug or vulnerability in an application or operating system running on a local or remote system (PC, server, mobile device, IoT device, etc.). Using an exploit, attackers gain unauthorized access to the applications or operating systems on these systems.
Zero-day exploits – those relying on vulnerabilities that were previously unknown to the software vendor – are often used for cyberespionage against various organizations and are particularly dangerous for large businesses, government agencies, and individuals with access to valuable data. Zero-day exploits were at the heart of some of the most infamous cyberattacks around the world, such as the Sony Pictures attack, Stuxnet, MysterySnail, PuzzleMaker and others.
In 2021, Kaspersky found 4 zero-day vulnerabilities in Microsoft products that cybercriminals could exploit – CVE-2021-28310, CVE-2021-31955, CVE-2021-31956, and CVE-2021-40449. They were discovered with Kaspersky’s Exploit prevention technology, which detects not only known exploits, but suspicious anomalies in programs’ behavior as well – and therefore helps cybersecurity practitioners reveal new vulnerabilities.
Bahrain saw the most significant increase in exploit detections in Q2 compared to Q1 among the Middle East countries – by 137% to 22,186 cases, with the share of affected users rising by 36%. It was followed by Saudi Arabia – exploit detection saw an increase of 57% to 523,367, while the share of affected users decreased by 9%. Oman saw a 12% rise in exploit detection cases to 16,871, with the share of affected users decreasing by 9%. In the United Arab Emirates, the number of detections remained almost unchanged in Q2 at 192,959 (1% increase from Q1), and the share of users affected by exploits decreased by 10%.
By contrast, the most significant decrease in exploit detections in Q2 compared to Q1 among the Middle East countries was in Egypt – by 19% to 450,828 cases, with the share of users affected by exploits decreasing by 11%. Qatar saw a decrease in exploit detections of 12% to 38,140 (7% decrease in the share of affected users). Kuwait saw a decrease of 8% in exploit detections to 13,932 cases; however, the share of users affected rose by 12%.
“Over the last years we have seen the attackers’ firm interest towards zero-day exploits – vulnerabilities previously unknown to vendors that pose a serious threat to all users, home and corporate. These exploits give attackers easy access to victims. That’s why it is important not only to constantly update your systems, but also to install security solutions that proactively discover unknown threats. Of equal importance is providing your cybersecurity team with access to the latest threat intelligence and regular professional training,” comments Dr. Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Turkey and Africa region at Kaspersky. “Kaspersky’s Exploit Prevention technology was designed to add an additional layer of protection for the most frequently targeted programs and technologies. It provides an efficient and non-intrusive way for blocking and detecting both known and unknown exploits. EP is an integral part of Kaspersky’s behavior-based detection capabilities.”
To protect your organization from exploits, Kaspersky experts recommend:
Update your device’s OS and other third-party software as soon as possible and do so regularly.
Use a reliable endpoint security solution such as Kaspersky Endpoint Security for Business that is powered by exploit prevention, behavior detection and a remediation engine that is able to roll back malicious actions.
Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training.
Along with proper endpoint protection, dedicated services can help against high-profile attacks. The Kaspersky Managed Detection and Response service can help identify and stop attacks at the early stages before attackers achieve their goals.