The Presidency of Meteorology and Environment revealed that it was exposed to 42 thousand cyber attacks during 2019, including 517 attacks to stop the service, 34 thousand attacks to inject orders, 2,753 attacks exploiting vulnerabilities, in addition to 20 cybersecurity incidents that were discovered and addressed in cooperation with National Cybersecurity Authority.
In the context of a recent report, a copy of which was seen by Al-Watan, the authority said that it had declared a state of alert three times according to the recommendations of the National Cybersecurity Authority, and that it strengthened security monitoring in the operations center around the clock and during the weekend.
The authority confirmed that it had counted the end devices for users within the authority in cooperation with the information technology team, and the manufacture of awareness leaflets for cybersecurity to educate employees about information security and safety in the workplace, and adding 5 servers to the authority’s electronic cloud and supporting it in cooperation with a team of STC and STCs, in addition Creating a form for counting the cyber assets and submitting it to the IT department and the management’s participation in the technical project team (changing the domain – the domain), to follow up the business and solve the problems. 90% of the project completion has been reached.
The new restructuring
The authority revealed the amendment of the new structure of the Active Directory system, the investigation of the cybersecurity incidents observed by the team while monitoring the security systems, the amendment of the current network structure in cooperation with the technical support of the supplier, the installation of protection systems for the end devices, in addition to blocking a large group of addresses Electronic (IP) domains and malicious files that threaten network security.
Implementation of recommendations
She drew attention to her supervising the installation of the external firewall, updating the internal firewall, and implementing the recommendations of the Saudi Information Technology Company (site) team to bridge the gaps of e-mail servers and the Active Directory, and examining the vulnerabilities of a large number of main servers in the network at a rate of 7 parts of the network (IPs 150) In addition to discovering a breach of the network and the participation of the National Cybersecurity Authority in dealing with it, and investigating a number of emails that were classified as phishing e-mail and taking the necessary measures in this regard.
Cyber attacks in 2019
20 cybersecurity incidents
30 penetration testing
20 Vulnerability Assessment
42,335 total attacks
517 shutdown attacks
34,397 command injection attacks
2,753 vulnerabilities exploit attack