Cyber Espionage In Middle East

Four years ago, I predicted that Middle East will witness new era of cyber espionage and cyber-attacks. Many IT specialists and system administrators and even policymakers didn’t believe what I said.

Now, I can say with confidence that what I was talking about is not comparable to what is happening right now. The latest revelations by Edward Snowden on NSA spying and surveillance capability confirmed the real situation, especially in Middle East region. Our region is vulnerable to all types of cyber-attacks and cyber espionage due to our dependence on western technology, which is sometimes deeply embedded inside our critical infrastructure.

This year Kaspersky labs revealed shocking details related to cyber espionage group that linked to Stuxnet and other sophisticated malware such as DUQU and Flame. All those malware or persistent threats targeted Middle East countries. Kaspersky called the latest revelation “Equation Group Malware”. The most important part in the revelation proves that this group managed to infect “HDD firmware” to spy on victims with sophisticated tools. The malware or the infection tools are hidden from antivirus software, which make the discovery impossible by normal tools used by victims to protect their systems.

According to Kaspersky labs, the infected Hard Drives are located in government and private sectors. But what is notable is the critical departments such as Telecoms, Nuclear research, Military and Oil. What made me think twice are the Military departments and also what Kaspersky called “Islamic Activists”.

The map below shows that Middle East countries are infected with this sophisticated espionage malware!


When it comes to cyber espionage we shouldn’t forget that we live in cyberwar era, in which players are looking for victory. Kaspersky is a Russian based cybersecurity company founded by Eugene Kaspersky. Kaspersky himself studied at KGB related institution and Bloomberg accused him that he has ties with Russian spies! But Kaspersky denied.

If Kaspersky is really making hypes or trying to create victory, it doesn’t mean that they don’t do great job in the cybersecurity arena. It also doesn’t mean that NSA is not spying on all countries around the world especially Middle East. Ironically, Kaspersky itself got infected with a sophisticated malware derived from Stuxnet! It means that NSA and its partners are hacking everyone which is now confirmed by the intercept.

It’s war. If we don’t treat cybersecurity as national security, we will lose every battle!

Written by: Mohamed N. El-Guindy