Saudi Arabia’s National Cyber Security Center (NCSC) provided government agencies with information and methods to prevent a new malware that cyber-attackers are using to hack into electronic devices.
The center recently discovered the use of unconventional methods by hackers attempting to bypass security verification of E-Systems, including the so-called DNS-BOT, Executive Director of Strategic Development Dr. Abbad al-Abbad told Asharq Al-Awsat.
He also pointed out that the center’s recommendations contribute to the prevention against such breaches.
Al-Abbad reviewed the level of responsiveness of government agencies as positive and in steady improvement.
“The center does not work alone, but works hand in hand and cooperates with all vital bodies to address the electronic threats facing Saudi Arabia,” he said.
“It seeks to raise the level of maturity and develop and apply best practices and methods of prevention of these attacks, hoping at the same time to increase awareness among all security levels,” he added.
He pointed out that e-security bodies in Saudi Arabia are tethered to governmental and vital authorities to achieve the key objective of protecting the Kingdom's cyberspace.
The center continues to promote prevention methods that can neutralize various types of malware and reboot attacked systems.
More so, the center launched on Tuesday a social media campaign which included warnings of what was described as the unconventional «DNS - Bot» malware.
Evidence shows that DNS - Bot attackers are generated by bots running in home gateways. Attackers scan the Internet for home gateways with weak passwords and login, and use load malware that enables DDoS attacks. There are direct links between strings discovered in the malware and attack activity.
Additional research showed other kinds of devices, like cameras, can also be compromised.
According to the Center, prevention methods include keeping records of DNS protocol and reviewing unusual communications.
The Center explained that the attack and its effects lie in controlling the victim's device, stealing data, putting malicious software in the victim's network, and possibly a sabotage attack on the network.
