Advanced Persistent Threats Targeting the Middle East: Tactics, Techniques and Recommendations for Countermeasures
Abstract:
This research analyses the tactics and techniques of Advanced Persistent Threat groups targeting the Middle East, focusing on improving regional cyber security practices. It evaluates security measures using the MITRE ATT&CK framework, threat intelligence feeds, and simulated attacks in a controlled environment simulating corporate networks. Through experimental testing methodology employing both quantitative and qualitative analysis approaches, the research executed 127 attack techniques against endpoints and 1,968 web-based attacks to evaluate detection capabilities. Testing revealed that only 6.3% of endpoint attacks were detected by security solutions, while just 41.4% of web attacks were blocked by the Web Application Firewall, highlighting significant gaps in existing defences and recommending adoption of more enhanced technologies.
AUTHORS
University of East London, School of Computing, Architecture and Engineering,
Dockland, London, United Kingdom
Ahmed ElTijani is a Senior Cybersecurity Consultant and PhD student with a master’s degree from the School of Architecture, Computing, and Engineering at the University of East London. He specializes in offensive security and cyber warfare, with extensive experience in red teaming and penetration testing. He also holds several professional certifications, including OSCE (Certified Expert), OSWE (Web Expert), OSEP (Experienced Penetration Tester), and CRTO (Red Team Operator).
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
