Saudi Arabia has successfully deflected a number of attempted cyberattacks staged by extremist groups seeking to breach government computer systems and steal information, cybercrime experts told Al-Shorfa.
In mid-May, the National Centre for Cybersecurity Technology (C4C) reported that cyberattacks had targeted several government institutions.
These were intercepted by Saudi cyberdefence institutions, including C4C and the Ministry of Interior’s Cyber Emergency Response Teams (CERTs) and Cyber Crime Investigation Units (CCIU), which are equipped and staffed at a high level, the centre said.
"The kingdom was one of the first Arab countries to fortify itself against cyberattacks," said Saudi security researcher and information security and anti-cybercrime expert Mohammad al-Sree.
Saudi Arabia established a cybercrime office in 2007 after the cabinet adopted the Anti-Cybercrime Law, he told Al-Shorfa. Soon after this, the kingdom established the C4C and CERTs to respond to any cybersecurity emergency.
Preventing breaches
Cyberattacks launched via social media that seek to elicit sympathy for the "Islamic State of Iraq and the Levant" (ISIL) or recruit Saudi citizens into its ranks constitute the gravest threat to the kingdom, al-Sree said.
This issue is "receiving a great amount of attention" from the authorities, who are conducting awareness campaigns to alert people to this danger, he added.
Cyberattacks primarily target government institutions and ministries, particularly the Ministry of Finance, as well as banks and security agencies, al-Sree noted.
"Any damage that is caused to the computer systems or databases of these entities would have a considerably negative impact on the kingdom’s economy and security," he said.
"Responding to breach attempts and defending the kingdom is the responsibility of government agencies," al-Sree said.
The authorities have been working around the clock to field complaints and reports from the public about suspect accounts that could be administered by ISIL and other groups of its kind, he said.
Saudi youth also can play a leading role in preventing breaches by reporting users who attempt to penetrate Saudi society or send viruses to breach accounts, he added.
Many cybercrime and information technology security departments have been set up at the kingdom's universities to equip a new generation of Saudi youth to work in this field, he said.
Rise in threats
The kingdom’s current cyberdefence capabilities are the most advanced in the Middle East, former Saudi army officer and military attaché Maj. Gen. Mansour al-Shehri told Al-Shorfa.
"Those capabilities were boosted in light of the potential threats of a cyberbattle that could possibly be waged against the kingdom by terrorist groups," he said.
Al-Sheri stressed the need to take the threat of cyberattacks seriously, as they have become a non-conventional weapon in the battles with extremist groups.
"The Ministry of Interior’s cybercrime teams respond daily to any information of any kind submitted by citizens," he said.
This information is given the utmost attention, he added, noting that government employees undergo continuous training to apprise them of all that is new in this field.
A cyberattack on a country usually takes the form of a co-ordinated attack by a large number of hackers who set out to breach computer systems and acquire passwords that allow them to access main databases, said Helwan University telecoms professor Mahmoud Shaheen.
"Terrorist groups are potentially able to mount such an attack by recruiting a large number of hackers who specialise in breach operations," he told Al-Shorfa.
In Saudi Arabia’s case, information on the most recent attack indicates it "consisted of a large number of suspect emails that reached government and local email addresses", he said.
This attack was prevented, however, as the preventive measures implemented through protection programmes fully performed their functions, Shaheen said.