Exploit detections in the Middle East rise 8% in Q2 2022

News Desk

According to Kaspersky Security Network data, the number of exploits detected in the Middle East in Q2 2022 increased from Q1 – the company’s security solutions detected 1,258,283 cases between April and June 2022.

Exploits are programs or pieces of code written by cybercriminals that are intended to exploit a bug or vulnerability in a local or remote application or operating system (PC, server, mobile device, IoT device, etc.). Using an exploit, attackers gain unauthorized access to these systems’ applications or operating systems.

“Over the last years we have seen the attackers’ firm interest towards zero-day exploits – vulnerabilities previously unknown to vendors that pose a serious threat to all users, home and corporate. These exploits give attackers easy access to victims. That’s why it is important not only to constantly update your systems, but also to install security solutions that proactively discover unknown threats. Of equal importance is providing your cybersecurity team with access to the latest threat intelligence and regular professional training,” comments Dr. Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Turkey and Africa region at Kaspersky. “Kaspersky’s Exploit Prevention technology was designed to add an additional layer of protection for the most frequently targeted programs and technologies. It provides an efficient and non-intrusive way for blocking and detecting both known and unknown exploits. EP is an integral part of Kaspersky’s behavior-based detection capabilities.”

Zero-day exploits, which rely on vulnerabilities previously unknown to the software vendor, are frequently used for cyberespionage against various organizations and are especially dangerous for large businesses, government agencies, and individuals with access to valuable data. Zero-day exploits were used in some of the world’s most infamous cyberattacks, including the Sony Pictures attack, Stuxnet, MysterySnail, PuzzleMaker, and others.

Kaspersky discovered four zero-day vulnerabilities in Microsoft products in 2021 that cybercriminals could exploit: CVE-2021-28310, CVE-2021-31955, CVE-2021-40449. They were discovered using Kaspersky’s Exploit Prevention technology, which detects not only known exploits but also suspicious anomalies in program behavior, assisting cybersecurity practitioners in identifying new vulnerabilities.

Bahrain saw the most significant increase in exploit detections among Middle Eastern countries in Q2 compared to Q1: up 137% to 22,186 cases, with the share of affected users increasing by 36%. It was followed by Saudi Arabia, where exploit detections increased by 57% to 523,367, while the proportion of affected users decreased by 9%. The number of exploit detections in Oman increased by 12% to 16,871, while the proportion of affected users decreased by 9%. The number of detections in the United Arab Emirates remained nearly unchanged in Q2 at 192,959 (a 1% increase from Q1), while the proportion of users affected by exploits decreased by 10%.

Conversely, the most significant decrease in exploit detections among Middle Eastern countries in Q2 compared to Q1 occurred in Egypt: down 19% to 450,828 cases, with the share of users affected by exploits decreasing by 11%. Exploit detections in Qatar decreased by 12% to 38,140 (with a 7% decrease in the share of affected users). Kuwait saw an 8% decrease in exploit detections to 13,932 cases, but the percentage of users affected increased by 12%.

To protect your organization from exploits, Kaspersky experts recommend:

  • Update your device’s OS and other third-party software as soon as possible and do so regularly.
  • Use a reliable endpoint security solution such as Kaspersky Endpoint Security for Business that is powered by exploit prevention, behavior detection and a remediation engine that is able to roll back malicious actions.
  • Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. 
  • Along with proper endpoint protection, dedicated services can help against high-profile attacks. The Kaspersky Managed Detection and Response service can help identify and stop attacks at the early stages before attackers achieve their goals.