According to research by Symantec, a new espionage campaign called Leafminer has been targeting the business sector and government organisations in the Middle East since at least early 2017.
Kuwait is one of the countries threated by Leafminer, particularly its financial institutions, so government organisations have developed a comprehensive plan to enhance and increase the security of their systems in order to be prepared for attacks and reveal who is behind them.
Kuwaiti government organisations prepare for Leafminer
According to Al Anba newspaper, the Central Bank of Kuwait has worked with all local banks to enhance the safety and efficiency of their information security systems.
The Kuwaiti banking sector, under the guidance of the Central Bank of Kuwait, was the first sector to take proactive steps – increasing the information technology infrastructure budget by 50% to 300 million Kuwaiti dinars in the second half of 2017.
This increase included spending on physical assets, programs and the development of the technological infrastructure and systems used by banks in their day-to-day banking operations to protect customers’ data from any potential attacks.
Al Anba also revealed that Kuwait has backup systems for the data of more than 35 government organisations, and has developed alternative websites for some of its government organisations, particularly in the business sector, to ensure they can retrieve any data in the event of a successful cyber attack.
How can organisations be prepared for any disruptive incident?
If your business is based in the GCC (Gulf Cooperation Council) region, you are at risk from Leafminer.
Therefore, you should ensure that your organisation is fully prepared to resume operations and return to ‘business as usual’ as quickly as possible after a disruptive incident (for example, a cyber attack or power failure).
To ensure the continuity of your business you should consider implementing BCM (business continuity management) measures. BCM is a form of risk management that deals with the threat of business activities or processes being interrupted by external and/or internal factors.
Effective BCM can be attained by implementing a BCMS (business continuity management system) aligned with the international standard, ISO 22301.
What is a BCMS?
A BCMS is a comprehensive approach to organisational resilience and it enables organisations to update, control and deploy effective plans, taking into account organisational contingencies and capabilities, as well as the business needs (product and service requirements).
An ISO 22301-aligned BCMS will include disaster recovery plans that focus on the recovery of specific operations, functions, sites, services or applications.
Prepare your organisation for a disruptive incident with a BCMS
Implementing an ISO 22301 compliance BCMS will enable organisations to:
- Identify potential risks and improve response times during unplanned disruptive events;
- Outline clear plans for resuming business operations to acceptable level; and
- Protect the organisations profits, turnover and reputation.