Gulf states must increase their level of co-ordination to combat the growing number of cyber-attacks, experts attending the 2nd International Cyber Security Conference in Riyadh said at the conclusion of the meeting.
Gulf Co-operation Council (GCC) countries are at risk of a security breach, Saleh al-Mutairi, director general of the Saudi Interior Ministry's National Centre for Electronic Security warned at the February 27th gathering.
Hackers have attempted to breach the Bahraini Interior Ministry's information systems, said Lt. Col. Bassam Al Maraj, director general of the ministry's General Directorate of Anti-Corruption and Economic and Electronic Security.
"The source was Iran," he said, adding that "Bahrainis living in Iran" had been responsible for the breach.
Bahrain and Kuwait were two GCC countries that came under an increasing number of cyber-attacks last year, cyber security experts said.
The latest statistics compiled by Bahrain's Information and E-Government Authority show the Bahraini government and its institutions came under 3,000 cyber-attacks in the first half of 2016.
These include 140 breach attempts, an average of close to 500 attacks per month, which sought to disrupt government functions and access personal data.
Official statistics also show the number of viruses sent to government agencies is rising, from 650,000 in the first half of 2015 to 840,000 in the first half of 2016.
New methods of warfare
The methods used to engage in warfare have changed, Bahrain Governing Council chairman Nawaf Abdulrahman told Al-Mashareq.
Technology is now a factor, he said, with hacking and breaches of computer networks turning wars into ‘cyber wars’ directed from remote locations.
"Frequent cyber-attacks were recorded against official online sites, originating from certain countries, led by Iran," he said. "This is natural considering the Tehran government’s expansionist ambitions toward Bahrain."
Recent attempts to breach Bahrain’s electronic systems necessitate that the "government invest in information security on multiple levels", Nawaf said.
The first step would be "an upgrade to the government’s systems to ensure that the official agencies’ information and equipment are protected", he said.
The second step would be to increase the kingdom's investment in human resources to ensure that electronic systems can be managed with a high level of professionalism and proficiency to eliminate security vulnerabilities.
This would include training specialised personnel on information security, he said, and may include the establishment of an electronic army .
The third step, Nawaf said, centres on "the need to increase awareness among employees of government agencies and institutions and instruct them not to open emails or possible virus-infected files".
A collective security strategy
Nawaf said he expects Bahrain to continue to come under cyber-attacks originating in Iran.
He called on "Arab Gulf states to adopt a national information security strategy, not individually but collectively, augmented by the exchange of expertise, to ensure that electronic systems have maximum protection".
This is necessary to ensure that "confidential information stays out of reach of hackers who seek to destroy them or hold them hostage", he said.
"Iran is behind terrorism, extremism and cyber piracy, and the proof lies in the growing number of cyber-attacks on state institutions," said Bahraini MP Jamal Bu-Hassan.
"We have enough technology, capabilities and funding to protect our websites. We must make greater efforts to detect [cyber-attacks] before they occur and repulse them," Bu-Hassan said.
State employees must be made fully aware that there is an ongoing organised cyber campaign being waged by Iran, he said.
"Therefore it is essential that the security of information is protected and its first lines of defence are strengthened to prevent data and main systems breaches."
Law includes protective measures
Under Bahraini law, the relevant agencies are required to take protective measures to thwart any threat to the security of government data, Shura Consultative Council member Dalal al-Zayed told Al-Mashareq.
"According to official statistics, Iran is involved in the majority of systematic cyber-attacks on Bahrain, and according to international criteria, response to 'electronic aggression' must be done through recognised international channels," she said.
Cyber threats have become more diverse "as hackers got more clever, and now include malware designed to erase or steal stored data to acquire information about the [targeted] countries", she said.
This necessitates that the government raise the level of its readiness in the area of cyber-security, al-Zayed said.
Cyber-attacks are no less of a threat than military action, she said, and have dire consequences and ramifications for any state, which necessitates the round-the-clock adoption of the latest techniques to repel them.