Cybersecurity Threats Intensify in the Middle East During Ramadan

The holy month of Ramadan is a period where Middle East-based companies step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased e-commerce activity.

The ninth month of the Muslim calendar is observed around the world as followers take the time to reflect and practice fasting, and cybersecurity teams often operate with skeletal staffing. Ramadan is also a period where Muslim shoppers tend to up their spending on speciality foods, gifts, and special offers.

All of this also creates a perfect storm for bad actors to conduct fraudulent activities and scams.

Endpoint protection firm Resecurity has observed a significant increase in cyber malevolence during Ramadan, which began on March 10. The company estimates the total financial impact from these cyberattacks and cyberscams against the Middle East has reached up to $100 million so far during this year's Ramadan. This figure accounts for fraud perpetrated against expatriates, residents, and foreign visitors and includes wire fraud, fraudulent campaigns, e-commerce fraud, and phishing. 

In particular, Resecurity notes a rising trend where cybercriminals impersonate local shipping companies like Aramex, SMSA Express, and Zajil Express to deceive Internet users. They target victims through SMS, iMessage, and WhatsApp with phony parcel delivery messages that pressure the victim to pay immediately for their "delivery."

"[Users] are strongly advised to refrain from sharing personal and payment information on questionable sites or with individuals posing as bank or government employees," Resecurity warned in its report.

Shilpi Handa, associate research director of security, Middle East, Turkey, and Africa (META) at IDC, agrees there is a "noticeable increase" in DDoS, phishing, and ransomware attempts during the holy month.

Cyber Risk Preparation

Even so, cybersecurity professionals in the region are well-versed on the cyber risk escalation during Ramadan. Security preparations typically begin well in advance of Ramadan, Handa notes.

"Many organizations proactively enhance their outsourced contracts during this period, particularly focusing on bolstering 24/7 security operations," she says, adding that deploying a remote and diverse workforce is particularly advantageous during Ramadan as around-the-clock security shifts can be fully covered by a mix of Muslim fasters and non-Muslim staff.

Organizations that expect to be short-staffed during Ramadan should prioritize their critical infrastructure to ensure operational continuity and lessen the frequency of active threat hunting if resources are stretched, Handa says. Companies also should enhance security measures for email and corporate networks because those historically have been targeted in the Middle East, she adds.

In the last few years, the UAE Cybersecurity Council has taken to issuing special advisories during Ramadan. On March 4 this year, the UAE launched its National Campaign for Cybersecurity, aimed at raising awareness and promoting cybersecurity best practices among the public.

Ezzeldin Hussein, regional senior director, solution engineering, META at SentinelOne, advises companies to prioritize cross-training within cybersecurity teams to ensure that essential tasks can be handled by multiple team members. And set clear protocols for incident response and escalation paths to streamline decision-making processes amid possible reduced staffing levels, he adds. 

Ali Haider, a New York-based senior security consultant at Secureworks, says companies should take extra steps to promote a culture of vigilance and awareness among employees and encourage them to report any suspicious activities or security concerns. 

Haider, who worked in the UAE and Saudi Arabia for over a decade, recommends that companies coordinate with the relevant law enforcement agencies. "Maintain open communication channels and coordinate security efforts as needed. Collaborating with authorities can enhance security effectiveness and facilitate a coordinated response to security incidents," he says.

Ramadan and Year-Round

Of course, robust cybersecurity measures should be deployed all-year round, not just for Ramadan, Haider cautions.

"Attackers may exploit potential vulnerabilities, such as reduced staffing or distracted teams. However, businesses should maintain vigilance and strengthen cybersecurity measures year-round," he says. "Ultimately, a proactive approach is key to safeguarding against cyberattacks, regardless of the time of year."