The Month of Ramadan and Cyberattacks

By   ISBuzz Team
Writer , Information Security Buzz | Jul 27, 2015 06:00 pm PST

Background

The following intelligence report was generated using the Cytegic DyTA intelligence platform. The report represents the most interesting and note-worthy cyber-trends that were identified using DyTA.

Executive Summary

When analyzing the activity and behavior of Muslim and Arab-affiliated hackers (Hacktivists, NationStates, Sensationalists and Terrorists) before and during the month of Ramadan we came to realize several interesting trends and patterns:

  • During the period (the ninth month of the Islamic calendar), which started this year on the 17th of June, the “cyber activity” level of Muslim and Arab-affiliated attackers is low compared the previous months
  • There is a significant drop in activity level right after the Ramadan starts, and specifically in the first Friday of the Ramadan – this year it was June 19th (a significant day for Muslims)
  • When it comes to analyzing the threat landscape based on Industry – it is interesting to see that Western Europe and the Middle East are very similar – IT, Government and Media leading the scale
  • In the perspective of Assets – in the Middle East and North America, the most targeted asset was Monetary Value (mainly Bank Accounts), followed by Agreements, PII and Services to Clients
  • The top most attack methods used by these attackers during the period were Malware, Email Social Engineering, Botnets and Denial of Service

According to DyTA’s forecasting capabilities, we see that as the month is nearing its end, the activity level returns to heights from the period prior to the Ramadan

Infographic Section

  • Arab & Muslim Attackers Activity – Based on Geo-Political Regions

We can see the routine activity during the last 6 months and then the significant drop when the Ramadan starts in the middle of June. There is even a very high rise in the activity level of these attackers in during May.

Image 1

  • Arab & Muslim Attackers during Ramadan 2015 (from the 17th of June)

Drill-down to the Month of Ramadan itself: we can see the dramatic drop of the activity in the first Friday of the Ramadan on the 19th of June.

Image 2

  • TTPs Used by Arab & Muslim Attackers During Ramadan:

Image 3

  • Top Targeted Industries During Ramadan

Image 4

  • Top Targeted Assets

Image 5

[su_box title=”About Cytegic” style=”noise” box_color=”#336588″]cytegicCy-te-gic /pronounced: sʌɪ-ˈtē-jik/ adjective: A plan of action or strategy designed to achieve a long-term and overall successful Cyber Security Posture Optimization – “That firm made a wise Cytegic decision”.

Cytegic develops a full suite of cyber management and decision-support products that enable to monitor, measure and manage organizational cyber-security resources.

Cytegic helps organization to identify threat trends, assess organizational readiness, and optimize resource allocation to mitigate risk for business assets.[/su_box]

Subscribe
Notify of
guest
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

0
Would love your thoughts, please comment.x
()
x