The government's rapid digitalization has made Egypt a tempting target for cybercriminals, as demonstrated by the diverse range of attack methods and the data uncovered on the dark web platforms.
According to a study conducted by Positive Technologies, personal data and trade secrets were among the most commonly stolen types of information, accounting for 23-27 percent of all listings uncovered on the dark web.
Most of the reports about data breaches involved individuals (40 percent), followed by e-commerce (22 percent) and the service and transportation sectors (10 percent each). One post, for example, advertised the sale of the personal data of 85 million Egyptian citizens.
Cybercriminals often combine various technologies with social engineering techniques to carry out attacks. In Egypt, the main methods of attacks were malware and social engineering, each accounting for 36 percent of cases.
In 16 percent of cyberattacks, hackers exploited vulnerabilities. Throughout 2024, hackers employed a double extortion tactic in attacks on Egyptian organizations: they used malware to encrypt victims' data. Then, they stole confidential information, threatening to release it unless a ransom was paid.
The ever-changing nature of cyber threats requires organizations to focus on training highly skilled cybersecurity professionals. Hands-on training programmes that consider the current threat landscape and allow for experience sharing with other countries can help achieve this goal.
In real life, learning often comes through trial and error, but there is a risk of being outmatched by cyber criminals in a face-to-face encounter.
One of the best ways to train cybersecurity specialists is to participate in open knowledge-sharing programmes led by recognized experts.
For instance, Positive Technologies has packaged its 20 years of experience in cybersecurity research, cyberattack investigation, and cybercriminal confrontation into specialized free educational programmes and hands-on cyber exercises. These are open to anyone interested in offensive and defensive security.
To create a global community of cybersecurity experts, the company launched Positive Hack Camp, a free international project focused on practical cybersecurity. The programme, which kicked off in August 2024, will be held annually. The first session brought together around 70 students from 20 countries.
Another initiative of Positive Technologies is Positive Hack Talks, a series of international meetups focused on open knowledge exchange and enhancing security worldwide. The first event occurred in 2024 in Bengaluru, India, followed by a meeting in Hanoi, Vietnam.
At Positive Hack Talks in Cairo in February, speakers covered key cybersecurity topics, including business logic vulnerabilities, client-side attacks, GraphQL security, and IoT exploitation.
The event also featured discussions on eBPF security, JVM fuzzing, and high-impact hacking techniques, offering attendees valuable knowledge and networking opportunities.
In addition to educational projects, Positive Technologies annually hosts major events such as the international cybersecurity festival Positive Hack Days and the Standoff Cyberbattle to facilitate the exchange of experiences and ideas among cybersecurity experts from different countries.
The Standoff Cyberbattle is open to participants from any country. In June 2024, 42 teams from 21 countries participated, including those in Central and South Asia, Africa, and the Middle East.
More than 4,500 cybersecurity experts have joined Standoff over its nine years of existence, forming 200 teams from 30 countries.
Participating in Standoff allows experts to gain experience without facing real-world risks. Given the frequency of hacker attacks that experts are likely to encounter, three to five days of the cyberbattle provide the same expertise as one and a half to two years of regular work experience.
The global cybersecurity sector needs powerful players who can train and develop professional talent to create a global, result-driven cybersecurity system.
There is an unprecedented need for practical expertise, particularly in developing skills through real-world experience defending against large-scale hacker attacks.
-------
* The writer, Ilya Leonov, is the regional director for MENA at Positive Technologies.
Short link: