On the sidelines of the event, Ahram Online interviewed Ashraf Koheil, the director of business development in the Middle East, Africa, and Turkey at Group-IB, which cooperates with Egypt’s government on securing national infrastructure across several governmental sectors in Egypt, such as security for digital government services, the banking, financial services and insurance (BFSI) sectors, as well as the defence and law enforcement vertical.
Group-IB is a global threat-hunting and adversary-centric cyber intelligence company that centres on investigating and preventing hi-tech cybercrimes.
Ahram Online also discussed with Koheil how the group perceives Egypt’s efforts in the field of digital transformation under the “Digital Egypt” national project.
AO: How do you perceive the Egyptian government's efforts in implementing its digital transformation strategy?
AK: Over the past few years, Egypt has made significant strides towards its digital transformation. These efforts have been visible as the country strives towards automating various sectors such as governmental services, financial institutions, and the energy vertical. Egypt envisions a future where innovation will be the next frontier. This is reflected in the country's Vision 2030 strategy, which outlines the end goal of building "Digital Egypt," through three pillars: digital transformation, digital skills and jobs, and digital innovation, where cybersecurity and cyber risk-aware culture would play a decisive role.
With Egypt hosting strategic technology centric events such as the Future Data Centres, held in May, it is clear that they are making progress towards that goal. These events help attract and bring together leading foreign and local companies within the technology sector, encouraging the adoption of new technologies in the country while inspiring and enriching the existing and future local talents within the field. Judging solely by the number of meetings we held at FDC and the interest our Incident Response Games, a competition where the participants solved an incident response case based on a real-life scenario, I can tell that cybersecurity is regarded as one of the top priorities for the country on its way to building a Digital Egypt. This will accelerate digital innovation stemming from Egyptians themselves.
AO: What are the main threats that the Egyptian banking sector is facing in terms of cyber security, especially since Egypt has recently launched its national online payment system?
AK: As digital transformation has been fostered and supported by the Egyptian banking sector, the rapid transition has happened on a large scale. Given its scale and speed, this has attracted unwanted attention from both small-time scammers and sophisticated threat actors with different motivations and capabilities.
According to Group-IB’s annual Ransomware Uncovered 21/22 report, essentially a guide into cyber threat number one, the data belonging to 148 MEA companies was uploaded to ransomware dedicated leak sites between the first quarter (1Q) of 2021 and 2Q of 2022. I would like to highlight that the number of actual ransomware victims is significantly higher, as these are just the companies who ended up on DLS.
Ransowmare attacks are more devastating than ever before: the average ransom demand increased by 45 percent in 2021, the victims’ downtime also increased from 18 days in 2020 to 22 days in 2021.
Initial Access Brokers (IABs), who sell access to corporate networks, became a driving force of the phenomenal growth of the “ransomware empire”, as they remove the need for ransomware operators to break into networks on their own. Egypt was the second most popular target of IABs in the MEA region: 23 percent of the total number of initial access offers in the region were related to Egyptian organisations in H2 2020 – H1 2021. And the banking sector is one of their prime targets.
And of course, scams are all over the place. Accounting for 57 percent of all financially motivated cybercrime, the scam industry is becoming more structured and involves more and more parties divided into hierarchical groups. At Group-IB’s recent Digital Risk Summit, attended by Egypt’s Ebank, we presented out traditional overview of scam trends. In 2021, the number of brand-impersonating scam resources created per month In the Middle East region increased by 150 percent.
Scammers continued using special days and situations as occasions for fraud. During the holy month of Ramadan, our Digital Risk Protection team detected an active Ramadan-themed scam campaign targeting users in the UAE and other Arabic-speaking countries. Group-IB experts identified a network of interconnected 60 scam pages (see examples attached) using more than 20 well-known local telecommunications, retail, entertainment companies and celebrities as bait.
Due to the global health situation, the number of Covid-19 scams increased, especially relating to fraudulent vaccines and Covid certificates. More than 7.5 million subscribers for groups providing fake Covid-related documents were found around the world last year.
AO: Is your company currently cooperating with the Egyptian government?
AK: Group-IB provides advisory services, strategic planning, and executive education on securing critical national infrastructure to several governmental sectors within Egypt, such as security for the digital government services, the BFSI sectors, as well as the defence and law enforcement vertical.
Exactly a year ago, we launched our MEA Threat Intelligence and Research Centre in Dubai, which plays a pivotal role in our research into the regional threat landscape and on-the-ground support for the growing number of customers and partners. Our subject matter experts also share best practices with government representatives and financial certifiers across the region.
Just like in other regions of operation, in MEA Group-IB has been consistently pursuing its mission of disrupting cybercrime. In 2021, we supported several INTEPROL-led operations aimed at identification and arrest of high-profile cybercriminals. This month, as par of the operation Delilah, we helped track down a head of huge cybercriminal phishing ring, called TMT, who was arrested in Nigeria.
AO: Out of your collaboration with global major entities, what are the global experiences Egypt needs to benefit from in the field of cybersecurity?
AK: With the global technology industry growing faster than the available talent pool, a large digital skills gap can be observed. In the Middle East, a survey shows that 41 percent of employers expected a technical skills shortage in the region in 2021 as the need increases for local talent with the correct industry experience.
However, more cyber risk investments have been expected to be put into the MENA Fintech sector, as funding has doubled within the regional Fintech field. Egypt must therefore follow suit and invest in developing its existing and future human resources. Egypt needs to adopt a global approach toward transforming the local security culture. This is done by effective public-private partnership in cybersecurity domain, raising awareness of the importance of cybersecurity within organisations, regardless of the vertical.
AO: How do you see digital transformation in Egypt going forward?
AK: Digital transformation is gaining momentum in Egypt due to the spotlight it has occupied over the last three years. We anticipate the local digital transformation to be accelerated over the next decade, precisely due to Egypt's Vision 2030.
Despite digital transformation being more prominent in some fields, we believe that thanks to the effort and hard work being put into its implementation through ongoing events and projects, this will yield significant financial and academic investments as well as growth.