37% of Corporate Users in Oman Targeted by Financial Malware in H1

Corporate users in the Sultanate were the targets of roughly a third of the 2,482 financial malware attacks recorded during the first half of this year, according to a report by cybersecurity specialist Kaspersky. While attacks have fallen this year compared to the same period in 2020, they continue to pose significant concern to the corporate community, the company noted.

“As local businesses have continued to adjust to remote work scenarios and the rest of the circumstances surrounding the Covid-19 pandemic, we have continued to witness cybercriminals using this to their advantage, exploiting the situation however they can. When considering such statistics, we believe it is evident that cybercriminals are more commonly targeting unsuspecting corporate users in Oman as a way to compromise corporate systems,” says Oleg Kupreev, security researcher at Kaspersky.

Simply put, organizations in the Oman have become susceptible to financial malware as more employees work outside the relative safety of the corporate network. The normalization of a distributed workforce makes ensuring the protection of the personal endpoint devices of people, who need to access back-end systems to continue performing their job functions, that much more critical. In addition to securing these devices, cybersecurity training of employees remains a key component to defend against the growing scourge of financial malware that uses phishing techniques to target individual users.

“It is especially financial phishing that has become one of the most popular tools used by cybercriminals to make money. It does not require much investment or technical expertise from a hacker and can be propagated quickly.

In most cases, successful scammers win access either to the victim’s money or data that can be sold or otherwise monetized. For any business, this points to how important it is to address one of the weakest links in the cybersecurity chain – that of the individual user. It also signifies the importance of remaining vigilant from a cybersecurity perspective, especially during difficult operating conditions,” Kupreev stated.

Beyond the fundamental cybersecurity solutions and training, companies must also consider using the likes of anti-advanced persistent threat (APT) and endpoint detection and response (EDR) technologies to further shore up the defensive posture of their network environment.