Bringing science and development together through news and analysis

ictQATAR

Speed read

  • Qatar has named cybersecurity one of its top three research priorities

  • Cyber attacks shut down websites and computers at two oil and gas firms in 2012

  • An early-warning system could help combat such cyber attacks

[DOHA/LONDON] Growing concerns over cybersecurity in the Arab Gulf have pushed Qatar into making it a top research priority alongside water and energy security, a meeting has heard.

But countries in the region will need to cooperate more on sharing data and setting up early warning systems to ward off cyber attacks on key assets, experts have said at the Qatar Foundation Research and Development’s annual research conference in Doha last month (24-25 November).

Countries are announcing economic wars against each other through cyberspace, so cybersecurity is essential as a defense tool, said Faisal Al Suwaidi, president of Qatar Foundation Research and Development.

“If countries cooperate to share early-warning information, it will help us get ahead of the people who want to do us harm.”

Richard DeMillo, Qatar Computing Research Institute 

He cited an example from August 2012 when hackers attacked one of world’s largest oil producers, Saudi Aramco, in Saudi Arabia, affecting more than 30,000 workstations. Qatari natural gas company was also hit by a virus that shut down its website and email servers that same month.

Richard DeMillo, chief scientist at the Qatar Computing Research Institute, tells SciDev.Net that researchers are investigating what kind of attacks could be used to shut down the oil and gas industry, the technologies that are being used, and where such attacks originate.

DeMillo says the attack technologies are becoming more and more sophisticated. He calls for an early-warning system to combat cyber attacks, similar to that used for hurricanes.

“If countries cooperate to share early-warning information, it will help us get ahead of the people who want to do us harm.”

DeMillo also points to the potential threat hackers pose to smartphones: in the last year global attacks on Android smartphones increased by 600 per cent.

“We need to think of cyber threats like the fight against cancer. It’s not going to be 100 per cent cured, but we will learn enough science to know what the vulnerabilities are,” says DeMillo.

 
Regional risks and preparedness

Siraj Shaikh, who studies cybersecurity at Coventry University in the United Kingdomtells SciDev.Net that companies in Saudi Arabia at risk from cyber attack include those in construction, finance, government departments, the media and transport

He says potential cyber conflict could arise from Saudi Arabias political positions on Iran, Israel, Syria and Yemen, and there is the threat of non-state actors such as the Syrian Electronic Army — a group of hackers who support the Syrian president Bashar al-Assad.

Groups like these are multiplying in the region and represent a “cause for concern”, he says, but adds that Oman, Qatar, and the United Arab Emirates have already invested heavily in cybersecurity over the last decade and have tried to adopt the security models of western countries.

Saudi Arabia has also invested a great deal over the last twenty years to promote training in computer technologies particularly for young people and to improve broadband and infrastructure, says Shaikh.

But he warns that its cybersecurity ambitions could be frustrated by a lack of coordination among government ministries and a lack of leadership to coordinate a national cybersecurity strategy.

Saudi Arabia needs a national policy to insure that it invests as much in security as in developing its telecommunication networks, he says.