As part of the National Cyber-Security Authority’s mission in leading the protection of the national cyber space and the situational awareness of the current national cyber security status, the NCSC presents 2018 “First Quarter” report which aims to highlight the threat overview of the KSA during the period from January 1st to March 31st.
1. Threat Summary
During this quarter the number of the Threat Alerts was higher by (13.5 %) as compared to the Fourth Quarter of 2017.
“Malicious Code and Intrusions/ Intrusion Attempts represented the majority of threat landscape in KSA. This indicates that the threat actors’ intention was to pertain their presence, within the affected entities.
“Unauthorized Access, Modification & Usage” and “Malicious Code” threat categories represented the majority of the threat landscape in KSA. This indicates that the threat actors’ intention was to pertain their presence, within the affected entities.
Based on the above chart, the “Intrusion Attempts” has been decreased since the third Quarter of 2017. However, recently the threat actors have moved one step forward to their objective; by executing the malicious Code and extracting data from the infected entities.
Throughout the first quarter of 2018, most of the threats were targeting Government entities, Education and Telecommunication sectors. This clearly reflects the threat actors’ interest to harm the national security, infrastructure, and steal sensitive data..
As highlighted above, threats which were directed towards government and Education sectors have slightly increased during first quarter of 2018, as compared to fourth quarter 2017.
Common Security Issues
The common information security issues observed during consultancy engagements mapped to the Basic Cyber Security Controls (BCSC).
Relevant Control Standard