Threat actors, including infamous cybercrime groups and financially driven ransomware gangs, have focused on Arab countries› businesses and organizations as they grow and move toward digital transformation. In particular, ransomware is a very serious type of cyber-attack worldwide, and many organizations are severely affected by it. INTERPOL indicates that the ransomware gangs are targeting different regions such as Africa, Americas, Caribbean, Asia-Pacific, Europe, Middle East, and North Africa 1.
The Center of Excellence in Cybercrime and Digital Forensics (CoECDF) at NAUSS has conducted a deep web search, collecting, analyzing, and classifying data on ransomware gangs targeting Arab countries and organizations from 2020 to 2022. We have collected the information of ransomware victims through the darknet and dark web, focusing on leaked information.
This report focuses on the Arab countries, organizations, and sectors victimized by ransomware gangs and whose information has been leaked on the darknet. Moreover, it investigated ransomware gangs that carried out cyberattacks against Arab countries, and the tactics, techniques, and procedures (TTPs) they were using.
The number of organizations that are attacked by ransomware gangs is increasing significantly. Some organizations pay ransom to ransomware gangs in order not to publish their information on the darknet. As a result of not paying the ransom demanded by the ransomware gangs, certain organizations and countries had their private and sensitive data leaked to the dark web.
The purpose of this report is to help law enforcement agencies combat ransomware cyberattacks by providing them with insights into the evolving tactics of ransomware gangs. By understanding how these gangs operate, law enforcement agencies can better prepare to combat and respond to ransomware attacks.
NA