Over 800 cyberattacks recorded in Kingdom in 2021 — NCSC

AMMAN — The National Cyber Security Centre (NCSC) recorded a total of 897 cyberattacks in 2021, during its first operational year, the centre’s chief said on Sunday.

During a press conference hosted by Minister of Media Affairs Faisal Shboul and NCSC President Ahmad Melhem at the Prime Ministry, the centre presented its accomplishments. 

“Countries all over the world, including Jordan, are facing increasing cyberattacks that vary in number and goals, and these attacks focus on sovereign establishments, in addition to financial and economic goals,” Shboul said. 

He added that these cyberattacks vary in severity between complex cyberattacks, which are caused by countries or organisations, and those carried out by individuals or amateurs. 

"Information war is the feature of this era, in light of the development of communication technologies and digital communication tools. The more information systems develop globally, the more active countries, organisations, institutions and people become in penetrating those systems," Shboul noted.

He called on any individual or institution to contact the NCSC to report being exposed to any hack, noting that the centre will track the source of breach within its jurisdiction.

The NCSC was established in January 2021 to build an effective strategy for cyber security in the Kingdom to protect the Kingdom from any occurring cyber threats, as well as to protect the safety of individuals and data. 

Melhem added that 34 per cent of the recorded attacks targeted network users, while 27 per cent were state attacks or state-sponsored attacks. He noted that 26 per cent were cybercrimes, while only 13 per cent were related to extremist organisations and terrorist groups.

Melhem also called on citizens who suspect any breach to their phones to visit the centre, noting that there are “no permanent harms” resulting from theses hacks. He further stressed that most targeting institutions rely on economic goal behind the breach.

During the past six months, the centre recorded attacks coming from over 40 countries, he said, stressing the difficulty of identifying the exact country of which the attack came from, as the attacker may use an infrastructure in any country. 

The attacks targeted the internal network and operating systems of a number of official institutions and individuals, according to Melhem. 

Private and public institutions, Jordanian embassies as well as citizens were targeted by “phishing” attempts, he said.

The purposes of the attacks recorded in the Kingdom the past year are attributed to the following reasons: 33 per cent to disrupt the network, 23 per cent to steal information and data, 21 per cent for cyber spying, 14 per cent to use infrastructure to initiate attacks on other entities while 4 per cent were spying attempts for political reasons.

“A website will be launched soon for individuals to report any cyber penetration or attempts,” Melhem noted. 

He added that during the past six months the centre was able to detect and analyse 236 advanced persistent threats.

“Globally, no country has the ability to eliminate the possibility of a cyberattack, but we in Jordan have the necessary capabilities to upgrade skills to face any potential attacks,” Melhem noted.

Melhem added that the centre’s goal is to detect and determine attacks, as well as eliminate the threat caused by the attack. 

He also noted that Jordan ranked 73 globally in the Global Security Index.