Mahmoud Al-Kafrawi - Kuwait

From time to time, government agencies in Kuwait are subjected to cyberattacks or so-called “ransom attacks” and attempts to pirate their data, which makes hacker attacks a headache in those areas.

Ransom attacks are a type of malware or virus that enters the operating systems of electronic devices through various scams through which those programs are installed as a request to open a specific message and after that encrypts all data and files in those devices, and requests huge sums to decode and retrieve those The data again, which the hacker may partially open after receiving the amounts and then re-encrypting them in a long blackmail process.

Last October, Kaspersky Internet Security Protection Software Inc said that Kuwait had experienced 30,000 attempts a day from September 25 to October 1, 2019, through 210,000 attempts during a week, across ten types of Electronic viruses and parasites.

On January 26, a professional hacker hacked the site of the General Administration of Fire and Disruption of Work, requesting that he pay ten thousand dollars for his return to work, and despite activating the administration, according to the local newspaper Al-Qabas, for all plans for protection immediately after discovering the matter, the hacker still controlled the site For more than eight days, amid fears he has implemented threats related to the publication of management data.

A conference held last year in Kuwait on cyber security (Al Jazeera Net)

During 2018, Kuwait ranked fifth in the Gulf, the sixth in the Arab world, and 67 globally among 175 countries around the world in the cybersecurity index.

Electronic Attack Statistics Center
According to Basil Al-Othman, director of "Kuwait Hackers", specialized in information security, Kuwait does not have a center for counting electronic attacks, nor does the official authorities issue periodic data on the number of those attacks and their failures.

If the risk of ransom attacks includes banks and private sector companies, but their risk - according to Al-Othman’s talk to Al Jazeera Net - remains more severe for government institutions and oil companies in particular, some of which lack the experience of discovering these attacks as well as the ability to restore service again.

The president of the Kuwaiti Information Security Association, Safaa Zaman, identifies three demands to address the current imbalance, which are issuing legislations that keep pace with technological changes, the existence of advanced security technologies and programs, and finally changing the culture of society regarding information security.

Safaa Zaman criticized - in an interview with Al-Jazeera Net - that Kuwait does not have an institution or a body specialized in cyber security despite the importance of this matter globally, citing the movement of countries in the region, as the Kingdom of Saudi Arabia established a national body for it, and the Sultanate of Oman has since 2012 established the Arab Regional Center for Cyber ​​Security.

During 2018, Kuwait ranked fifth in the Gulf, the sixth in the Arab world, and 67 globally among 175 countries around the world in the Cybersecurity Index (Al Jazeera Net).

Safaa says that despite Kuwait's recent move to develop a national strategy for cybersecurity, its features are not yet clear, stressing the importance of building a unified security base for all government and private sectors and unifying its infrastructure.

Legislation
While Al-Othman emphasizes that there is an urgent need to legislate advanced laws that keep pace with technological changes, especially that most Gulf countries lack a data protection law in this regard, which is not compatible with the European Data Protection Act (GDPR), as the importance of this law lies in ensuring that personal data is not leaked and ensuring the right Persons to amend or add any new information to this and regulate dealing with its confidentiality.

The specialists rely on this legislation to face the abuses of many authorities with regard to the confidentiality of the data that they obtain after the matter came to obtain the fingerprints of private companies that have the subscribers' fingerprints that remain in the possession of the company even after the customer left it, as well as some companies employees to leak the data from time to time .

According to a previous statistics of the Department of Cybercrime, the number of those crimes jumped from 997 crimes in 2013 to 4,502 crimes in 2018.

Omar Al Ibrahim, a professor of information security at the College of Life Sciences at Kuwait University, confirms that smartphones - specifically social media applications - contribute a lot to the spread of electronic piracy operations due to gaps in applications such as WhatsApp and Instagram in particular, or for the phone owners to relax from following their updates.