Qatar hosts the FIFA World Cup this year, the first time the event has been staged in the Arab world. The country’s cybersecurity experts predict that hackers will falsify ticketing, hotel reservations and restaurant reservations to capture personal details of people traveling to Qatar. In addition, phishing and social engineering will be used to steal personal and financial information from anyone using the Internet to obtain tournament information.
“If there is one thing we have learned about cybercrime from previous gatherings, it would be that it thrives around major world events,” said Mohammad Al-Kayed, director of cyber defense at Black Mountain Cyber Security. “Spectators and attendees alike are advised to remain vigilant for cyber threats in the form of online scams and malicious emails promoting ticket sales and sporting goods. The biggest threat of all is the piracy of football matches in progress through online platforms.”
On March 25, Interpol convened a group of global cybersecurity experts in Qatar to discuss threats ahead of the World Cup. The meeting was part of project stadiumswhich was established by Interpol in 2012 and financed by Qatar. Although special emphasis is placed on the 2022 World Cup, the project aims to contribute to the safety of any major sporting event.
Qatar has partnered with several countries to provide physical security for the World Cup, including Turkey, France and the United Kingdom. Turkey will send 3,000 riot police, France will send four airborne monitoring and warning systems to track airborne threats, including drones, and the United Kingdom It will provide maritime security support and anti-terrorism surveillance.
But surprisingly, the biggest announcement yet on how to help Qatar with cyber security comes from Morocco, which will send a team of cybersecurity experts to Qatar as part of the two countries’ efforts to expand security cooperation. Could it be that Qatar thinks it has enough local cybersecurity expertise not to ask more powerful countries for help?
Al-Kayed told Computer Weekly: “The Supreme Committee for Delivery and Legacy has already issued a cybersecurity framework ahead of the World Cup preparations to set the required benchmark for all parties involved in the [tournament] implementation. In essence, the framework identifies the cybersecurity requirements to protect the critical national infrastructure that supports the FIFA World Cup.”
Long history of cybersecurity in Qatar
Cyber security has been a concern in Qatar for at least two decades. One of the groups that has been instrumental in protecting the country’s information infrastructure is the Qatar Computer Emergency Response Team (Q-Cert), which was created in 2005 by the Qatar Ministry of Transport and Communications (MOTC) in partnership with Carnegie Mellon’s Software Engineering Institute (Certification Coordination Center).
Q-Cert has launched several projects recently. One is to develop a fully automated threat monitoring system to collect security-related data and perform preliminary analysis of that information. The data will be collected from sensors and distributed mechanisms, such as spam traps.
The team is also building a threat intelligence center to collect and analyze security-related events, alerts, and threats on the government network. The threat intelligence center will use the output of the threat monitoring system, along with security-related logs from firewalls, routers, and proxy servers to detect threats to the government network.
Another Q-Cert project is building a malware analysis lab to analyze malicious software collected from other projects. The lab will also be used to help investigate cybercrime by uncovering the digital footsteps of suspected criminals.
A fourth Q-Cert project involves the eradication of botnets, the goal of which is to reduce the risk of sensitive government, corporate or individual information being stolen. This will be done by identifying compromised systems and preventing future incidents and data leaks.
Qatar has also created government organizations to combat cybercrime. In 2013, it established the National Cyber Security Committee to address cyber security at the national level and, with the help of the Ministry of Information and Communications Technology, drafted the country’s National Cyber Security Strategy.
The strategy specifically calls for companies to share responsibility for information security. It also aims to foster the development of a local ecosystem of technology experts and providers.
In March 2021, Qatar established the National Cyber Security Agency which, as of May 2022, has trained 25,000 employees in different aspects of information security. Mohamed Ahmed Al-Ansari, director of public relations and communication for the agency, recently expressed the interest of the organization in improving cybersecurity through partnerships with leading global organizations, including Microsoft, Huawei, and the German Institute.
Encourage private solution providers
The Qatari government is not only interested in working with major global players, but is also encouraging the development of local expertise and a local ecosystem of startups, as called for in the National Cyber Security Strategy.
“Qatar has led several national initiatives aimed at bolstering local cybersecurity talent,” Al-Kayed said. “Today, most universities in Qatar offer courses and educational programs on cyber security, some even for free. In addition, Qatar University has been collaborating with international companies, such as Such, to provide real-world experience to young Qatari professionals. And just last month, the training organization WITHOUT conducted an extensive training program for cybersecurity professionals from Qatar.”
Professional networking events are held regularly in Qatar, including the Global Cyber Security Summit, an annual event geared towards CISOs from all industry sectors in Qatar. The summit helps security professionals share best practices and includes experts from outside the country.
As for local startups and local offices of global companies, perhaps the most encouraging aspect of doing business in Qatar is market predictions, which suggest that Qatar’s security services market is the fastest growing in the region. According to Tasmu Digital ValleyQatar’s cyber security market size is set to exceed $1 billion in 2022 and is expected to grow by 12.7% annually to reach $1.64 billion in 2026.