Cyber Security in UAE

Dissertation

ABSTRACTMost modern countries depend on computers to a certain degree. With higher dependence the risk involved increases, as a single system failure could make a serious dent in a state's infrastructure. Cyber-threats have become one of the best known threats of the modern world, and can be divided into several categories ranging from those affecting the security of the individual to serious matters of country. They come in turn from state, private-sector and individual sources and have already led to several crises of international significance.During the past decades of the modern world, Information Technology (IT) became an essential factor of businesses, companies, organizations and governments. There are many advantages of it; the communication and trade became faster and more efficient and lot of new technologies developed because of this support, but there are risks and some drawbacks as well, concerning cyber security. Many systems, including Critical Infrastructure (CI) became exposed to cyber-attacks, making it more vulnerable, despite the unquestionable advantages of the networking capabilities that those systems share. The United Arab Emirates, as a developing country experiences this change even more rapidly in the recent years. The overall Internet penetration, as well as the use of cyber-based systems in Critical Infrastructure grows with a never seen pace in the country just as in the rest of the world. UAE has emerged to be in the forefront of many technological advances in the recent past. But in the case of technological advances, security advances must follow or the whole state becomes vulnerable. In the modern world there are several options for a state that wants to improve its cyber-security, including chances to cooperate with various international agencies.In this thesis UAE is examined in terms of cyber-vulnerabilities relating especially to macro-economic variables. It will be asked what efforts UAE has already made in this field but more importantly what efforts still need to be undertaken, drawing upon the opinions of several experts at different levels in both government and the private sector. UAE has long been rather passive when it comes to international cooperation in security.The primary objective of this study is to find correlations between macro-economic variables (such as: GDP, Stock Market Index, Inflation Rate, Unemployment Rate, Oil Prices), Military and Political events, Public Holidays and the cyber-attacks on the United Arab Emirates CI, or IT systems. The macro-economic variables were identified from the results of grounded theory method being employed as a methodology of this study. In the country and through the literature review, there was no similar, in-depth study done before. The main driving force of the research is the constantly growing importance of cyber security all around the world, and especially in the UAE. As CI and IT systems develop and gain an inevitable role, the perils of their existence and well-functioning also grow with them. On the basis of the statistical results calculated on the secondary data gathered from aeCERT and its relationship with the macro-economic variables identified from grounded theory method, It is found that there is a positive correlation between the events of cyber-attacks and various macro-economic variables (GDP, inflation rate, unemployment, stock market index, and oil prices etc.), public holidays, and military and political events. With the help of the future findings, the government of the United Arab Emirates will get a support to fight against cybercrime more efficiently, and to perceive its early warning signs in order to act faster, making the consequences remain more venial than without this specific knowledge.Keywords:Cyber Security, United Arab Emirates, Macro-Economic Variables, Military and Political Events, aeCERT, Information Technology, Critical Infrastructure.

ACKNOWLEDGEMENTSThe completion of my dissertation and subsequent Ph.D. has been a long journey. Its true that Life is what happens when you are completing your dissertation. Life doesnt stand still, nor wait until you are finished and have time to manage it. Much as happened and changed in the time Ive been involved with this project, or as some of my dear friends have so affectionately referred to it The Paper. Many have questioned whether I would finish my dissertation, as have doubted my commitment to it. I, on the other hand, barring losing confidence so many times Ive lost count, getting writers block just as many times, ending one relationship, moving, beginning another relationship, computers crashing, needing to work as much as possible, and pure frustration in general, knew Id compete my Ph.D. I just had to do it in my own time and on my own terms. My dissertation has always been a priority, but as most know, there are several priorities in a persons life at any one time. Unfortunately due to lifes challenges and the changes that followed, my dissertation could not always be the number one priority. At any rate, I have finished, but not alone, and am elated. I could not have succeeded without the invaluable support of several. Without these supporters, especially the select few Im about to mention, I may not have gotten to where I am today, at least not sanely. To this select group, Id like to give special thanks, beginning with (You can add information about your supervisors along with some acknowledgements that you think are best suited, further you can add individuals from your group of friend and families.)

16

117

Table of ContentsSTATEMENT OF AUTHORSHIPiiABSTRACTiiiACKNOWLEDGEMENTSvList of FiguresxiiList of TablesxivList of AbbreviationsxviChapter 1: Introduction171.1Information Technology171.2Background and Problem191.3Research Aims and Objectives201.4Research Questions211.5Summary of Methodology221.6Summary of Conclusions231.7Structure of Dissertation25CHAPTER 2: LITERATURE REVIEW282.1The Purpose and Definition of Cyber Security282.2Cyber Security & Cyber Crimes302.3Cyber Crime & Internet322.4Why Cyber Crime?342.5Importance of Cyber Security352.6 UAE & its Economy392.7Cyber Security in UAE402.8What are Cyber-Threats?422.9Developments of Cyber Crimes422.10 Geographical importance of Cyber Crime432.11International Extents of Cybercrime442.12 Cyber Crime Activities452.13 Malicious Technology and its Features462.14 TOP 5 Exploits Targeting North American and Western European Users562.15 An international picture582.16 Laws & structures602.17 Global collaboration622.18 Prevention of Cybercrime652.19 Computer and Cyber Crime Laws in the USA and the UK672.20 Management Approaches of the Cybercrimes & Securities712.20.1The Risk-Based Approach to Cyber Security722.21 Latest Trends in Cyber Crimes742.22 Modern infrastructure and Cyber Attacks752.23 Cyber Crimes and International Responses782.24 Cyber Crime in Progressing Countries (such as the U.A.E)812.25 Factors Relating to the Economy and Penetration of the Internet822.26 The Status of Official and Unofficial Institutions822.27 Business Owners; Real Victims of Cyber Security832.28 Cyber Crime Factors842.29 Cost of Online Deception852.30 Discussion862.31 Contribution of National Cyber Security Team at the TRA to UAE success in Cyber Security882.32 Cybercrime Targeting in UAE922.33 Cyber Security: A Core Element of UAE Curriculum932.34 National Security Consciousness Campaign942.35 Cyber Crimes Law952.36 New Cyber Crime Law Issued By UAE and Establishment of a National E- Security Authority962.37 Internet Monitoring in UAE972.38 Cyber Crimes Cost UAE Above $600m Annually972.39 UAE: The Main Target of Cyber Crimes982.40 Measures Taken by UAE for Cyber Security992.41 Background of UAEs Cyber Laws1002.42 UAE in 2013 to Face Advanced Cybercrime1012.43 Further Security Predictions for 20131022.44 Recommended Policies for Governments to Help Reduce Cyber Crime1042.45 Authorities Lack the Resources Required to Combat Cyber Crime1052.46 Cyber Crime Across Borders1052.47 The introduction of the N.B.S by the U.A.E1052.48 Introducing the aeCERT1062.49 Critical Infrastructure as a Potential Target and the Need for its Protection1072.50 The future of cyber security with reference to the past1082.51 Warning of Expected Cyber-Attacks for UAE1092.52Theoretical Perspective1102.53Knowledge Gap1132.53.1Cyber Security Risks on the Rise in UAE1152.54 Conclusion117Chapter 3: RESEARCH DESIGN METHODOLOGY1193.1Conceptual Framework and Preposition(s) Building120Research Model and Propositions1213.2Research Aim and Objectives1243.2.1Understanding the Nature of Research1243.2.2Macro-Economic Aspects of Cyber Security1273.3Research Process1293.4Research Paradigm1313.5Research Philosophy1333.5.1Positivism1333.5.2Interpretivism1353.5.3Critical Postmodernism1393.5.4Theories Adopted in this Research Study1403.6Research Methods1423.6.1Mixed Method Research1473.6.2Proposed Methodology1483.7Research Design and Instruments1513.7.1Data Sources1513.7.2Secondary Research1533.8Data Collection and Analysis1543.9 Research Evaluation: Trustworthiness of the Study1553.9.1Credibility1563.9.2Transferability1573.9.3Dependability1593.9.4Conformability of the Findings1603.10Conclusion161Chapter 4: DATA ANALYSIS and interpretation1634.1Introduction1634.1.1Assumptions Acknowledged1654.2Data Collection and Analysis in Grounded Theory1654.3Grounded Theory Findings and Discussions1664.3.1Awareness and Training1684.3.2Management Support1694.3.3Budget1704.3.4Cyber Security Policy Enforcement and Adaptation1714.3.5Organization Mission1724.3.6Socio-Economic Codes1724.4Descriptive Characteristics of the Secondary Data1764.4.1Data Summary Information1764.5Viruses1834.5.1Yearly and Monthly Frequency Distributions (Percentages)1834.5.2 Types of Viruses1864.5.3 Additional Information1884.6Trojans1884.6.1Yearly and Monthly Frequency Distributions1884.6.2Types of Trojans1914.6.3 Trojan Aliases1934.6.4Additional Information1934.7Exploit Scripts1944.7.1Yearly and Quarterly Frequency Distributions1944.7.2Types of Exploit Scripts1974.7.3Workaround Availability1994.7.4Additional Information1994.8Bugs1994.8.1Yearly and Quarterly Frequency Distributions2004.8.2Risk Levels2024.9Probes2044.9.1Yearly and Monthly Frequency Distributions2044.9.2Additional Information2074.10 Data Analysis of Micro Economical Variables2074.10.1An Overview2074.10.2Economic Summary2084.11Propositions Testing2194.12Trustworthiness of the Study2274.12.1Credibility2274.12.2Transferability2274.12.3Dependability2284.12.4Conformability2284.13 The SWOT Analysis2284.14Conclusions234Chapter 5: COnclusions and Recommendations2375.1Conclusions2375.2Answers to Research Questions2395.3Recommendations2425.4Areas for Future Studies2455.5Research Limitations245References246Appendix 1:Internet Access Management Statistics Report261Appendix 2:Annual Economic Report UAE 2009263Appendix 3:Annual Economic Report UAE 2012264

List of FiguresFigure 1:Classification of Trojan Virus46Figure 2: Dynamics of Rogue Antivirus49Figure 3:Russian Hacker Information50Figure 4:Top 10 Countries of Trojan Downloader51Figure 5:Distribution of Backdoor.Win32.ZAccess52Figure 6:Kaspersky Lab Users Statistics54Figure 7:European and Northern American Cyber Attacks55Figure 8:Cyber Crime and Conventional Crime59Figure 9:International and Regional Instruments61Figure 10:Obtaining Extra Territorial Evidence63Figure 11:Distribution of Webhosting for Malicious Content76Figure 12:15 National Domain Zones of Malicious Sites77Figure 13:Effects & Attacks of Cyber on National Infrastructure87Figure 14:Conceptual Framework Model of Research121Figure 15:Steps in Developing a Grounded Theory...166Figure 16:Grounded Theory Results..167Figure 17:Graphical Representation of Breakdown of Total Data by Year: 2009-2012177Figure 18:Trend of the Monthly Percentage of Total Viruses Data by Months: 2009 - 2012178Figure 19:Trend of the Monthly Percentage of Total Trojans Data by Months: 2009 2012179Figure 20:Trend of the Monthly Percentage of Total Exploits Data by Months: 2009 2012180Figure 21:Trend of the Monthly Percentage of Total Bugs Data by Months: 2009 2012181Figure 22:Trend of the Monthly Percentage of Total Probes Data by Months: 2009 2012182Figure 23:Graphical Representation of Year Wise Distribution of Total Cases of Viruses: 2009-2012184Figure 24:Viruses Cases by Months. 2009 - 2012185Figure 25:Viruses Major Types Reported. 2009 - 2012186Figure 26:Graphical Representation of Year Wise Distribution of Total Cases of Trojans: 2009-2012189Figure 27:Trojan Cases by Months. 2009 - 2012190Figure 28:Major Types of Trojans. 2009 - 2012191Figure 29:Graphical Representation of Year Wise Distribution of Total Cases of Exploits: 2009-2012195Figure 30:Exploit Cases by Months. 2009 - 2012196Figure 31:Exploit Scripts Most Common File Types. 2009 - 2012197Figure 32:7 Types Key Types of Exploits198Figure 33:Graphical Representation of Year Wise Distribution of Total Cases of Exploits: 2009-2012200Figure 34:Bugs Cases by Months. 2009 - 2012201Figure 35:Graphical Representation of Year Wise Distribution of Risk Rating Frequency of Bugs: 2009-2012203Figure 36:Graphical Representation of Year Wise Distribution of Total Cases of Exploits: 2009-2012205Figure 37:Probes Cases by Months. 2009 - 2012206Figure 38:High level metrics208Figure 39:UAE GDP Growth Rate209Figure 40:UAE Inflation Rate. 2009 2012211Figure 41:The Relative Weights of the Consumer Basket Components in 2011212Figure 42:Inflation Rates and Average Index of the Spending Groups213Figure 43:Inflation Rate according to the spending groups213Figure 44:UAE Unemployment Rate. 2009 - 2012216List of TablesTable 1:Cyber Crime and Money Making47Table 2:H2 2011 (Top 5 Exploits)56Table 3:H1 2012 (Top 5 Exploits)57Table 4: Summary of the Research Elements123Table 5:Summary of the Research Onion Layers131Table 6:Characteristics of Interpretivism138Table 7:Differences between quantitative and qualitative approaches144Table 8:Breakdown of Total Data by Year: 2009 - 2012176Table 9:Breakdown of Total Viruses Data by Months: 2009 2012178Table 10:Breakdown of Total Trojans Data by Months: 2009 2012178Table 11:Breakdown of Total Exploits Data by Months: 2009 2012179Table 12:Breakdown of Total Bugs Data by Months: 2009 2012180Table 13:Breakdown of Total Probes Data by Months: 2009 2012181Table 14:Year Wise Distribution of Total Cases of Viruses: 2009-2012184Table 15:Percentages of Viruses Cases by Months. 2009 - 2012185Table 16:Year Wise Distribution of Total Cases of Trojans: 2009-2012188Table 17:Total Percentages of Trojans Cases by Months. 2009-2012190Table 18:Frequency of Reported Trojan Aliases by Months. 2009-2012193Table 19:Year Wise Distribution of Total Cases of Exploits: 2009-2012194Table 20:Total Percentages of Exploits Cases by Months. 2009-2012196Table 21:Exploit Scripts Workaround Availability. 2009 - 2012199Table 22:Year Wise Distribution of Total Cases of Bugs: 2009-2012200Table 23:Total Percentages of Bugs Cases by Months. 2009-2012201Table 24:Bugs: Risk Rating Frequency Distribution by Yearly. 2009-2012202Table 25:Bugs: Attack Code Summary in Rank Order. 2009-2012204Table 26:Year Wise Distribution of Total Cases of Probes: 2009-2012205Table 27:Total Percentages of Probes Cases by Months. 2009-2012206Table 28:GDP Data Month Wise. 2009 2012208Table 29:GDP Data Yearly. 2009 - 2012208Table 30:UAE Inflation Rate. 2009 - 2012210Table 31: UAE Oil Prices. 2009 - 2012214Table 32:UAE Stock Market Index. 2009 2012214Table 33:UAE Unemployment Rate. 2009 - 2012215Table 34:UAE Public Holidays. 2009 - 2012216Table 35:UAE Political and Military events. 2009 2012217Table 36:Pearson Correlation Coefficients221Table 37:Pearson Correlation Coefficients223Table 38:Pearson Correlation Coefficients224Table 39:Pearson Correlation Coefficients226

List of AbbreviationsaeCERT:The Computer Emergency Response TeamC:C programming language fileCI:Critical InfrastructureDPI:Deep Packet InspectionGDP:Gross Domestic ProductGTM:Grounded Theory MethodGZ/SIT:Compressed file archive created by GZIPIMF:International Monetary FundIT:Information TechnologyNBS:National Bureau of Statistics of the United Arab EmiratesPL:PERL source code fileSH:UNIX shell scriptTRA:Telecommunication Regulatory AuthorityTXT:Text fileUAE:United Arab EmiratesZIP:Compressed file archive created by PKZIP

Chapter 1:Introduction1.1Information TechnologyWorld is revolving around Information technology nowadays. Everything is connected directly or indirectly with the information technology and due to this reason it is observed that more and more development is examined in the information technology sector, in the world. Development rate we can analyse in the information technology sector is much higher than the other sectors of the world (Sean, 2007). It is the interest of the people that make the information technology sector more vibrant and innovative. Every month, we have an innovation in the information technology world that helps in changing the life style of the people (Blackwell, 2009). We can feel the need of information technology in every part of our lives now. Without information technology, it is not possible for anyone living in this world to survive its life. Information technology has become as important for us as the food is for the human being (Blackwell, 2011). Usage of information technology is on growing trend these days, and everything is turning out to be computerized because it makes the life of the people easy. In this digital world, everyone is addicted to the information technology products and generally using them in their daily life's (Biever, 2005).One of the best innovations made in the information technology sector is the invention of computers and later on Internet (Bronitt, 2008). This has made the world a global village. Due to these inventions, the distance between the peoples reduced and they can easily communicate with each other. Internet also played its role in developing the imports and exports of the country as the people became able to communicate with the importers and exporters of the other country hence Internet helped in facilitating trade activities between the countries (Biever, 2005). Internet is widely used in the world nowadays. People belonging from the every age group are engaged in using Internet (Bronitt, 2008). Every person is using Internet according to his interests and desires. Even businesses are using Internet to communicate with their employees and also to get the latest updates from the market, and this helps the organization to gain a competitive advantage (Sammes, 2012). Now, the Internet is so much grown up that one can find every information on the Internet.As the use of Internet increased, crime related to the computers and Internet also increased as the people with the criminal minds also got the access to the Internet, and they tried to increase an unauthorized access on the Internet to get the unlawful benefit from Internet (Sammes, 2012). People used in these sorts of activities on the Internet are known as Hackers, and they use to do so in order to access the information stored on the Internet or on the computers connected to the Internet (Caloyannides, 2010). Due to acts of these people, need for the security of computer systems and the Internet arose and millions of dollars were spent in order to control the activities of hackers so that they might not be able to access the secret information available on the Internet (Casey, 2006). Even with such a development on Internet security measures, every computer server administrator remains his focus on the security of the server as hackers are always engaged in finding new techniques and methods to increase the unlawful access to the computer servers (Koops, 2007). With every day, there is a new invention in the information technology world and most of the people start using the latest technology without understanding the advantages and disadvantages of the new technology item introduced in the market (McCusker, 2010). It has been observed that most of the internet viruses and hackers access the user system due to this latest invention (Koops, 2007). Everyone in the world wanted to have the experience of using these new inventions, hence without knowing the details of the manufacturer, doing proper research about the latest software this is just downloaded in the computer system and then installed and after installation of this software, it start working and gather or transmit the required information to the developer of the virus or hacker (Norfolk, 2011).Information technology is now in our every walk of life. It is becoming difficult for us to neglect the importance of the Information technology but as it is introducing connivance in our daily routine in the same way it is also increasing the problems in our lives (Irvine, 2008). There are many examples available on the Internet where one can see that how the information technology played the negative role in the one life and created difficulties for him or her (Penney, 2007). There is a cost of every invention and one of the biggest costs of so much development in the information technology is that there is no more secrecy of the person. Every asset or personal information of the person is now online and once the hacker can get an access to that information that can damage the financial and ethical worth of the person (Sinrod, 2008).With the growing trend of using the social networking websites, one of the other risks that people is facing that if the account of the one person of the social network is hacked then it also gives an access to the other accounts associated with the hacked account and in this way accounts of all the friends, the whole family and other social network people can have the chances to get hacked and once the account of the person is hacked, there are bright chances that all the personal information that is stored on the social networking website and in his email, can be accessed by the hackers and can be used negatively by the hacker in order to gain some advantage from the person (Soma, 2011).So, as the need of information technology developing, need to have the proper cyber security controls is also growing and every country should have the proper designed cyber security system in order to safeguard the interests of their people, companies working in their country and every person that is using the Internet within the International boundary of the countries (Norfolk, 2011). It is not only through proper cybercrime measures that one country can enjoy the maximum benefits from the internet otherwise instead of enjoying the benefits from the Internet, and it can also prove to be dangerous for the people due to the part of the hackers on the Internet world (Soma, 2011).1.2Background and ProblemUAE is one of the emerging economies of the world, and there is an urgent need to have a cyber-security measures implemented in the country (Julia, 2012). This study will help us to understand that present cybercrime status in the United Arab Emirates and the cyber security measures done to control the cybercrime in the country and what are the more improvements required in the cyber security measures to bring into the International Level (Hughes, 2012).

Even though the west world is contributing towards developing the cyber security in the UAE but still UAE is fairly a young fast growing economy that is presently in the way of upward their cybercrime laws to protect the interests of the people and also of the companies (Howe, 2012). This study will prove to be significant to understand the present cyber security measures that are being adopted by UAE and understanding the up gradation of the cyber security measures required in United Arab Emirates (TRA.gov.ae. 2010).Research Questions of the study is created in such a way that it will help us to understand the different trends of the cyber-attacks in the United Arab Emirates. Research question answer will be helpful to us to determine the different variables that are linked directly or indirectly with the event of the cybercrime in the country (Lunjevich, 2010). After the identification of the different variables and their counter effect on the occurrences of the cyber-attacks on the United Arab Emirates, we will be able to understand the role of each variable in the cybercrime event in the country (Khaleejtimes.com, 2006). Through this research, we will also be able to learn more about the trends of the cyber-attacks in the United Arab Emirates as one of the questions of the research is designed in a way that it will give us the idea about the cyber-attacks and the holidays in the United Arab Emirates this will help us to establish the link between the cyber-attack occurrences and the holidays in the country (TRA.gov.ae., 2010). Another question of the research is designed to understand the effects on political and military activities in the country as the effects of the cyber-attacks in the country.Overall, this will be very comprehensive research work and will also prove to a valuable source of learning about cyber-attacks and different measures implemented by the Government of UAE in order control the cyber-attack in the country (Blackwell, 2009). This study will also be helpful to identify the different variables that can be used to anticipate the expected future cyber-attacks in the country. So, the results of this research will contribute towards the efforts in controlling the cybercrime activity in United Arab Emirates (Foss, 2009).1.3Research Aims and ObjectivesThe aim of this research is to check whether a set of variables (economic and other) could be used to spot early warnings to prevent cyber-attacks on the UAE Critical Infrastructures. There are four main areas to be tested or processed as the objective of the research.Objective 1: It is necessary to test a set of macroeconomic variables to see if they are associated with cyber-attack event reports. Not every macroeconomic variable is in correlation with cybercrime, and there are a number of which is not commonly viewed as a cybercrime- related factor, but still, it may have an impact on this particular area, as well. Objective 2: To find out if there is a correlation with the public holidays in the United Arab Emirates and the cyber-attacks. The UAE can be significantly more vulnerable during those occasions, compared to the regular daily life. The reason can be the fact that most people do not work during public holidays, but other factors may emerge.Objective 3: The association of cybercrime and military or political events in the area is also proposed to be tested, as those events can also be connected with cybercrime.Objective 4: To provide the government of the United Arab Emirates the needed alerts to be ready for the cyber threats, as there is not enough information supported yet to successfully effectively notice the early warning signs of cybercrime in the country. 1.4Research QuestionsIn order to fulfil the research objectives, and because of the approach of grounded theory, Complex questions have to be asked. By the help of the reviewed literature, and the experience of the proposed methodology, the main questions of the research can be formed. With the proposed test and research objectives, the following ones are aimed to be answered. Research Question 1Which are those specific macroeconomic variables that are more likely to be correlated with an increase in cyber-attacks, or cybercrime related actions? The purpose is to select them from a bigger pool of possibilities. Research Question 2 It is also to be found out, is there a correlation between the selected macroeconomic variables and an increase in cyber-attacks? It is especially important to study it from this viewpoint, as the ultimate aim is to support the government of the UAE to find early warning signs that indicate future cyber-attacks. Research Question 3Do military and political events impact cybercrime, and if the answer is positive, is there a positive correlation between the two? It is also a question to be answered at the end of the research. Research Question 4Are cyber-attacks more or less likely during public holidays than during other times in a year? We will also explore the possible relationship between public holidays and cyber- attacks in the UAE. 1.5Summary of MethodologyThe methodology and research problem are inspired by a previous work from Michael K. Levine in 2007 who wrote a thesis for Sir John Cass Business School-UK, about cyber security in the US using a similar methodology. The first part of the research will be taken over with the design and approach of the grounded theory, and with qualitative analysis. First, the reports of the UAE cyber security team with secondary data of the macroeconomic variables and other inputs will be analysed using grounded theory approach. Then a storyline will be drawn as a result of that. This will enable a set of propositions to emerge from the coding of the data. The grounded theory method was initially introduced in 1967 by researchers Barney Glaser and Anselm Strauss. The two founders of grounded theory split and developed different methods that they each called grounded theory," which led to confusion as to what grounded theory is. For this reason, it is necessary for to refer to a third source, Creswell (1998), who has put together a syncretic working definition of grounded theory, with a set of working principles. The primary objective of grounded theory is to discover a new idea that has not existed before. The researcher must try to forget as much as he can the theories he already knows, to minimize the impact they will have on his work i.e. the information bias." The new concept tries to explain relationships between different elements and a phenomenon, and this production of relationships must provide realistic ties between elements and group of elements. The data that is used during the application of the process should be collected through interviews, observations or documents. Systematic analysis of the data should be taken over, starting as soon as the very first piece of data has been collected. The study is based on categories that the researcher should identify, and after that, link them. It is important to start the processing of the data as soon as the first pieces arrive in order to give an orientation to the future data collection. The collection of data can be stopped when the emerging concepts have been defined.The purpose of grounded theory is not to answer Yes or No questions, but rather to come up with a new theory to be tested. Therefore, the final propositions that will be used in the research should emerge from the coding of data, using the reports of the UAE Cyber Security Team. However, there are some possible propositions for now, as well.The second part of the dissertation will use a quantitative method of analysis of the historical data set that already exists. In other words, the grounded theorys conclusions will be tested and checked from another viewpoint. This time secondary data will be used, from various sources. Two of the main sources of information and secondary data will be the International Monetary Fund (IMF) and the NBS (National Bureau of Statistics of the United Arab Emirates). The provided numbers will be used to test the correlation between and the new codes generated from the first phase and the macroeconomic variables. The data will first be analysed using descriptive statistics, using parametric tests. This will give me a general idea of the probability distributions. The data set from the IMF and NBS for macroeconomic variables will be used, to test the correlation between and the new codes generated from the first period and the macroeconomic variables. The data will first be analysed using descriptive statistics, using parametric tests. This will give me a general idea of the probability distributions.1.6Summary of ConclusionsThe research is based on a deductive structure. The collected pool of data is used as a tool to make the propositions. Those propositions derived, are based on independent variables, such as the macroeconomic factors and variables, military and political events, the price of oil, or the occurrence of public holidays. One of the aims is to have a separate outcome from those independent variables, that is to say, analyse what effect the different independent variables will have on cybercrime. On the other hand, the overall impact of those independent variables also counts to the analysis and findings of the research. The collective result is researched just as the result of the separate factors of independent variables. It is suspected that there is a positive correlation between cyber-attacks reported by aeCERT and the public holidays. The reason is that, during those times, most people do not work, so the systems that should be protected from cyber security are more vulnerable, and also, people with more free time can be subject to cybercrime to a greater extent. Another proposition is that there is a positive correlation between cyber-attacks reported by aeCERT and the price of oil. The reason is that if the oil price is higher, usually the political, economic and societal situation is also tense, resulting in a status in which cybercrime is more likely to happen. It is partly because that there are more reasons to do it, and also more possibilities. It is also figured out that there is a positive correlation between cyber-attacks reported by aeCERT and Macro-economic Factors (Unemployment, Inflation Rate, Stocks Market, and GDP). This proposal is mainly based on other countries experiences, for example, the thesis inspiring this work (Cyber Security Information Sharing in the United States: An Empirical Study Including Risk Management and Control Implications) made this conclusion. Finally, a further proposition states that: There is a positive correlation between cyber-attacks reported by aeCERT and the military and political events in the region. If the military and the politics are more active, it can bring many further consequences concerning cybercrime. The same can be seen from the study of the literature review and in the events of political and military events in UAE. Such events in specific months are directly correlated with the frequency of cyber-attacks in UAE; this is evident from the results. The price of oil has a direct effect on the level of cybercrime in a given period, just as different macroeconomic variables. However, the research model does includes the investigation of the connection between the impact of changing oil price on cybercrime and the impact on cybercrime by the different macroeconomic variables. Furthermore, it is also studied whether the military and political events and the public holidays impact on cybercrime are correlating, or not. Those independent variables do not depend on each other, but their impact on cybercrime is indeed in direct relation.From the analysis of tables in this chapter, it is apparent that Bugs, Viruses and Trojans have a strong correlation with the macroeconomic factors. Whereas, Exploits have a moderate correlation that has different degrees of significance with the two interest rate variables and three stock market indices. Finally, the critical Probes/Scans have a strong, positive relationship with all interest rate and stock market index variables.Bugs, Viruses and Trojans, have a strong positive correlation Gross Domestic Product, Inflation, and Unemployment variables. Exploits have less relationship with GDP. But the correlation with Inflation and Unemployment is strong. Probes/Scans have a strong relationship with the UAE Inflation Rate. However, this same variable has a strong relationship with GDP and Unemployment.In conclusion, there is a positive correlation with most macroeconomic variables and Bugs, Viruses and Trojans. Exploit Scripts have mixed results, as does Probes/Scans. In terms of impact, this study demonstrates that the two most prevalent types of computer malware (e.g. Viruses and Trojans) are associated with changes in macroeconomic factors. Therefore, these factors should be considered in building predictive models in Information Assurance and Security. The other factors would be useful in considering for further research in the future.Military and Political Events have mixed results. Also, this research study can be used as a basis for related research studies in the future.1.7Structure of DissertationThis research paper will consist of the following five chapters:-

IntroductionIntroduction is the chapter number 1 of this dissertation. In this chapter, background of the cybercrime is discussed in detail. After reading this chapter, one can have the better understanding of the cybercrime activities in the world and about different forms of cybercrimes.Literature ReviewLiterature Review will be the chapter number 2 of this dissertation. In this chapter, previous incidents of the cyber-attacks will be discussed in detail along with the different legislation made for managing the cyber-attacks in the world. In simple words, all the previous work that is made in the field of cyber security will be reviewed to get the maximum knowledge about the different issues of the cyber security.Research MethodologyResearch Methodology will be the 3rd chapter of this dissertation. In this chapter, different techniques will be discussed that are used by the researchers in carrying out the different research works. After discussing all the known techniques of the research, we will select the best method for doing the research in the cyber security area in United Arab Emirates. The method that will be used by us will depend on the research objectives, research aims and research question of the dissertation.Analysis and ConclusionAnalysis and Conclusion will be the 4th chapter of this dissertation. In this chapter, all the data collected during the research work will be analysed, and this study will be made to achieve the desired results of the research and conclusion will be drawn from the study of the data in this chapter.RecommendationsAfter the data is analysed, and the conclusions are drawn from the chapter number 4 of the dissertation than the next and the final chapter of this dissertation will be Recommendations. Based on our learning and the conclusions made from the research work, we will provides some suggestions or recommendations to the reader of this dissertation about managing the cybercrime activity, and this will also include the steps that can be taken by the Government of United Arab Emirates to control the cyber-attacks in their country.

CHAPTER 2:LITERATURE REVIEW2.1The Purpose and Definition of Cyber SecurityThe definition of cybercrime given by Babu & Parishat in 2004 was that Cyber Crime constitutes as an illegal act where computer systems are used against a person, his property or the state to commit a cybercrime (Wiesen, 2012). Sukhai reported in 2004 that 60% of cyber-attacks are not even detected and that out of the ones that are; only a paltry 15% are brought to the attention of the governing authorities (Townson, 2006).There is no doubt that cybercrime is one of the most rapidly accelerating kinds of crime today. An increasing number of felons are making good use of the easiness, quickness and inconspicuousness offered by advanced technologies of the 21st century to indulge in a wide range of unlawful activities most of which consist of attacks on systems and data, stealing identities, the circulation of pictures pertaining to child sexual abuse, fraud involving online auctions, misusing financial services available on the internet, spreading viruses, botnets and numerous scams operated through electronic mail, of which phishing is a prime example (Julia, 2012).Every country in the world needs to constantly modify its local offline controls in order to be well equipped to combat cybercrimes as the internet does not adhere to geographical boundaries, and that allows wrongdoers to carry out unlawful activities worldwide (Townson, 2006). One of the most potent threats to national and international security lies in the use of the internet by extremists, especially to spread fundamentalism and to attract more people. (Lunjevich, 2010)The menace of terrorism has also forced authorities to focus on possible loopholes as far as the security of the infrastructure of information technology is concerned especially in strategic and/or high value assets such as power plants, electrical grids and databases; not to mention the softwares and systems of governments and multinational companies (Khaleejtimes.com, 2006).According to Nissenbaum 2005, cyber security is a technical term for the securing of computers, but it can have severe societal effects as well (Euromonitor International, 2009)In addition, it includes problems related to electronic surveillance and camera systems, property and infrastructural protection, hacking by terrorists against other countries and computer networks used for communication at large (Latham 2003:1) (Higher Colleges of Technology, 2009). The term cyber security came into existence after authorities realized that the cyber infrastructure had to be protected (Aitoro 2010). Numerous terms regarding cyber security have come into existence. A deliberate cyber-attack by a person residing in one State to another with the intention to cause real-world harm is called Cyber warfare (Lunjevich, 2010). Moreover, Cyber-espionage is a similar the illegal attack where sensitive digital information is stolen from a state or a computer system (Van, 2008). Lastly, any sort of cyber theft committed online and where a computer or network has been used to carry out that crime is called Cyber crimeAitoro 2010) (Lieberman, 2011) .The next part of Obama's speech reflects the facts that not only are governments of the modern day worried about matters pertaining to cyber security, they are also well aware of the obstacles they face."Cyberspace exists and so do the risks along with it. The irony lies with the limited information we have as the system which encourages and gives us the power to create and develop also encourage others who intend to commit crimes in the cyber world" (Lieberman, 2011).According to Baggili and Rogers 2009, research on cybercrime has traditionally tried to come up with technological tools to combat it (Euromonitor International, 2009)Rogers was of the same view and back in 2003, Rogers highlighted that the psychological side of cyber-criminal activity has not been aptly researched upon (Sean, 2007). He is of the opinion that intensive research should be carried out related to the cyber criminals personality and the purpose behind his attack. This would also prepare authorities to prepare counter attacks and improve their defending attempts against cybercrime (Blackwell, 2009). One of the main reasons why cybercrime is committable is because the attacker can easily be anonymous for the outside world. Lieberman, 2011, p.1 has described this state as being unidentifiable amongst everyone else. Anonymity and its role with human interactions in the digital world are considered to be an advantage for cybercrime committers (Lunjevich, 2010). Hinduja in 2008 agreed to the risk factors associated with anonymity and said that this is one reason unlawful sharing of software is made possible, and cybercrime has become so common online (Centre for Democracy & Technology, 2008). In order to establish the trustworthiness of an employee Blackwell, (2009) has provided that one of the very first requirements of hiring an information technology specialist should be a reliability test whereby the person is tested if he is the kind to sell out business secrets to others since he has access to the companys information via its internal servers and networks. In addition to this research Foss, 2009 evaluated the connection of cybercrime and employees misuse of company information before hiring them in 2009 (Fidelis Security Systems, 2011). Greenstein & Feinman summarized the importance of secured computer systems by stating that information on computers should only be accessible by authorized personnel since such information is the most classified side of the organization without which leads to the companys downfall. Another way to put it is the description given by Lukasik, Greenberg and Goodman provided in 1998 (Aecert.ae. 2006). They said that, for any given society and its existence, a detailed infrastructure is essential which comprises of basic facilities, the performance of employees and system installations which help in the functioning of information processes, water and electricity provisions, transportation and institutions (Townson, 2006). 2.2Cyber Security & Cyber CrimesWith the advancement in the Information technology, the way of doing crimes is also changed nowadays. Gone are the days, when robbers enter into the house and take away the valuables of its residents (Soma, 2011). In these modern days, there are new ways of stealing and robbing the other information and their assets. This stealing is proving to be more dangerous than traditional robberies as the person might remain unaware of it for quite some period. (Jason, 2011)

Issues like Cyber security and Cybercrime are those issues that can barely be separated in a unified environment. The resolution of UN (2010) on cyber security 35 discourses Cybercrime as a major encounter (Soma, 2011).In the enduring development of information technology Cyber security and internet services plays a significant role (Penney, 2007). Augmentation of Cyber security and protection of perilous information substructures are obligatory in nations security and as well for economic wellbeing. For the development of new services and state policies, it has become essential to take steps in order to make internet safer and as well for the security of internet users. Dissuading of Cybercrime is a vital element not only for national Cyber security but as well for the acute structure protection stratagem (Steiner, 2009). This comprises the espousal of appropriate legislature in particular in contradiction of the misappropriation of ICTs for criminal or other tenacities which envisioned distressing the national precarious infrastructures integrity. This is the communal responsibility at the national level required synchronized action correlated to report, preparation, anticipation and retrieval from incidents on the fragment of state authorities and private sector and citizens (Urbas, 2008. This requires coordination and cooperation with pertinent partners at the international and provincial level. Thus, the origination and implementation of a national agenda and tactic for cyber security necessitates an inclusive approach (Aecert.ae. 2006). The examples of cyber security policies can help in reducing the risk of cybercrime as through the expansion of technical security systems or by educating the users to avert them from becoming the dupes of cybercrime. In the fight against cybercrime the development and support of cyber security strategies are vibrant elements (Blackwell, 2009).Crime exists in society since thousands of years but with the passage of time, it shapes kept on changing. Traditionally, stealing the money was included in the crime but nowadays stealing the information also comes under the definition of crime (Blackwell, 2011). The most obvious reason behind this is that the world is growing so fast that sometimes information available with the person is far more important than the money available with him. A person might be able to bear the loss of the money, but he might not be able to bear the loss of his information (Sean, 2007). Nowadays, everything is based on the information available with the person. Even the organizations that are doing their businesses in so much competitive market make their decisions on the basis of the information available with them (Biever, 2005). Organizations are spending millions of dollars in making their IT infrastructure and servers strong and inaccessible. Information stored in the computer systems of the company are very important for them as they can use the information in the future in order to gain a competitive advantage over their competitors and after all this hectic efforts, if the information available with the company is stolen then it will be a far bigger loss to the company then losing its money because lot of effort was put in by the company in gaining its information and also the decision making process of the company will be affected due to this loss of information. Hence, sometimes loss of information becomes the bigger loss than the loss of money (Bronitt, 2008).2.3Cyber Crime & InternetTrend of increasing the internet is increasing with the passage of time throughout the world. More and more people are attracted towards Internet due to its benefits and growing necessity in life. Internet has now become the essential part of our life (Vacca, 2001). It does not matter from which age group we belong; everyone is using Internet according to his interests and desire. With the growing websites on the Internet, people from all age groups can find the stuff related to their interest on the Internet and therefore this availability of the desired information on the Internet keep the people intact with the Internet (Sammes, 2012). As the Internet is now widely available, people with the negative thoughts also have the Internet available with them and due to the tons of information available on the Internet it gives another chance to them to steal other assets, but in order to access the other information these people should have the information about computers and experts on the Internet usage (Vacca, 2001). In modern language, people who put their efforts on computers and Internet in order to increase an unauthorized access to the other information are known as Hackers (Jason, 2011).Hackers have the excellent information about the computers and the Internet. Through their experience, they always focus their efforts towards getting the information about the people that may include knowing their email details, bank account details or the transaction history of the person (Caloyannides, 2010). Nowadays, people are also engaged in doing shopping over Internet by using different types of credit cards, this fact also increased the risk of hacking of credit card numbers that are used over the Internet for the different purposes (Aecert.ae. 2006). Once the credit card number of the person is revealed to some hacker, then the hacker can make use of the credit limit of the card and the bill will be charged to the original owner of the credit card therefore in this situation, need of Cyber Security is much increased now (Ellison, 2011).Looking at this hacking in the broader situation, it is not only that hackers can gain the information of the credit card numbers and can use them for their own purposes but in addition with this, bank account information are also available on the Internet and people can access their account through Internet banking offered by the different Financial institutions (Blackwell, 2009). It is very important for the financial institutions to keep very strict security checks on their computer servers in addition with extensive firewall settings so that hacker cannot access the server of the financial institutions or in other words the bank accounts of the account holders of the Bank (Sean, 2007). If we look at the state level then nowadays records and information available with the government is also computerized (Bronitt, 2008). Traditionally, the information with the state were recorded on the registers and record was kept manually by the state departments so in order to get some information one have to physically access the records room and have search in every file for the desired information but now with the advancement in the Information technology all the information and the record of the government departments is now computerized (Clarke, 2004).By this computerization, it does not required to physically access the record room of the government departments one can do this by using Internet from any part of the world (Vacca, 2001). Servers of the government departments can be accessed by the hackers, the hackers can break its security settings and eventually, the information stored in the servers can be accessed by them (Vacca, 2001). This leakage of state data importance can be very sensitive for the country interests and can also results in disturbing the country relationships with the other countries of the world. One of the latest good examples of this is the access to the sensitive state information by the Wiki Leaks. Although knowing the internal stories of the state matters was found to interesting by the people, but it resulted in disturbing the relationships between the countries also (Sammes, 2012). 2.4Why Cyber Crime?There is always a reason for doing a particular action for a rational person. A rational person always has a solid reason to prove that the he is doing has some benefit and value for him (Bronitt, 2008). If a person does not have any benefit or value for the particular action than usually, he does not get involved in these activities. Similarly, criminals doing their work in the different parts of the world have their own aims and in order to gain their aims and to meet their objectives they get involved in the criminal activities (Vacca, 2001). In past days, criminals objectives of the criminals were to theft the money of the people and then use this money for enhancing their criminal activities and increasing their area of activity. Most of the money that was theft by the criminals in the previous days was spends on their security expenditure (Ellison, 2011). Criminals always use to keep themselves away and safe from police so that they cant be get caught by the police officials. Also, with the passage of time the police around the world was getting more efficient and it was becoming difficult for the criminals to continue their criminal activities. This efficiency of the police reduced the crime rate in the society but still there was a crime in the society, and it was never finished in the society (Casey, 2006). With the passage of the time, each area started to develop in the world that also changed the living style of the people. People started using the safe vault lockers facility available in the banks for the protection of their valuables and used to deposit their hard earned saving in their bank account for the security and saving of their money (Koops, 2007). This reduced the trend of keeping the saving money at the home and fewer chances were available with the criminals to theft the money as it was much difficult for theft the money placed in the bank rather than the money placed at the home of the individuals (Lynch, 2008). As the development in the information technology sector is observed, trend of using the information technology also increased in the every sector of the world. People start using the information technology in their business, in their personal lifes and also to carry out their business transactions. Information technology usage is now so much developed in the world that even the secret government information of the different countries is now computerized (McCusker, 2010). This changed trend of world also introduced the new ways of doing crimes and cyber criminals were introduced that used to theft the information available in the computers and networks (Kerr, 2008). Information that was theft by the cyber criminals includes the personal bio data of the person, passwords of internet servers, hacking of the bank account details, hacking of financial transactions and accessing the credit card of the person (Lynch, 2008). Doing cybercrime is not like the traditional crime as in order to perform the cybercrime, criminals should be educated and have very good and in depth knowledge of the computer system. Cyber criminals should be expert in computers so that they can access the information that is stored and protected by different passwords (Norfolk, 2011). Once the cyber criminals or hackers got the desired information, then the information gained by them is used for their benefit, for example, if the hacker get the credit card information of any person that had used his credit card on the Internet then the hacker will make transactions through his credit card and can do shopping and other stuff on Internet at the expense of some other person (Penney, 2007). Cybercrime is also like the traditional crimes but people are getting more involved in the cybercrime because Internet is widely available in the world and it can access by the criminals from any place and due to this benefit of cybercrime, trend of doing the traditional crime is reducing and the trend of doing the cybercrimes is growing (Sinrod, 2008). Another benefit that the criminals think while they get involved in the cybercrime is that the chances to get caught in the cybercrime are very rare as compared to the traditional mode of doing crime as for the cybercrimes criminals dont have to reach the premises to perform the crime, in fact, they can do the crime while sitting hundreds of miles away from the area of their attack (Soma, 2011). All these reasons appreciated the cyber criminals and the cybercrimes in the recent times. 2.5Importance of Cyber SecurityWith all the above reasons, need of the Cyber Security is growing with the passage of the time. When the computer systems and Internet were introduced it was not in the mind of the inventors that the time will come that it will be attacked or hacked by the group of the people but as there are people with the negative thoughts and negative ideas, there cant be a situation in which the invention does not face any problem in its existence. Hacking is playing the same negative role in the development of Information and technology (Richard, 2011). According to Urbas (2008), Different laws and legislation is being made on the hacking and Cybercrime in the different countries of the world but in spite of that fact, it is becoming difficult for tracing the hackers and giving those punishments and one of the main hindrances in this is to trace out the location of the hackers (Van, 2008). Internet is widely available all over the world, and the hackers can perform this hacking process by sitting at any place of the world hence making it difficult for the investigation agencies to trace them (Cybercrime Law, 2009). In this scenario, the only way left for protecting the servers from the hackers is having the efficient security measures in the servers so that hackers may not be able to access the servers and get the secret information from their (Townson, 2006). Some of the commonly used measures now taken at the servers are includes setting of multiple passwords on the servers, installing of complex firewall settings on the server, etc. These measures are found to be little useful in protecting the servers, however, as the hackers are also learning new tools of accessing the informations, there is always a need for the up gradation of the Cyber Security measures at the servers (Wiesen, 2012). To secure the computers, cyber security measures are now necessary for every computer system connected to Internet. If we take the example of the personal computers, then the user information is available in the personal computer that includes his email ids, passwords, bank account login details, his banking transaction history and also his credit card details (Hughes, 2012). Even if the personal information of the person is hacked it can be very damaging for the person as his bank accounts can be used without his consent, purchasing can be made through his credit card even without his knowledge and also his personal information can be leaked (Townson, 2006). With the growing usage of the social networking websites, now, the hacking of the personal computer of one person can also results in the indirect hacking of his social network. Hence, it is not only one person that can suffer from the hacking of his personal computer, but also his social networks people can suffer from the hacking of his personal computer (Julia, 2012). Organizations businesses are also now dependent on the Information technology infrastructure available in the organization (Howe, 2012). More secured information technology setup is available in the business, more secured is the information of the company. Companies business are now dependent on the information available with it as a decision making process of the company is entirely dependent on the information with it. If the information available with the company is leaked due to the hacker attack on the systems, then it can affect the market position and strategy of the company (Hughes, 2012). Competitors of the company can use the information of the business and can know about the future strategies of the company and can make proactive decisions in their business to increase a competitive advantage over the other business hence, the information security is vital for success of any business (Higher Colleges of Technology, 2009). State departments records and information are also now computerized nowadays and due to computerization of the information; there is always a risk that the sensitive information can be hacked by the hackers and can be used for blackmailing the state of the country and its departments (El-Sheikh, 2009). Hence, Cyber Security is of prime importance for the Government departments, and every step should be taken by the government in making it's Cyber Security effective and upgrade at all the time. Cyber Crime can be physical or can also be nonphysical. In the physical cybercrime, information technology systems that may include servers also can be physically theft by the robberies. Through this way, they get the physical access to the servers, and they can easily get the information from the server (Fidelis Security Systems, 2011). This is the traditional way of doing theft and gathering the information. This physical cybercrime activity can be controlled by appointing the proper security guard services to the computer premises and these guards should be made responsible for the security of the Information technology (Lunjevich, 2010). However, with the passage of the time, these physical thefts of system are reduced to the minimum numbers due to the risk involved in carrying out the physical theft (Khaleejtimes.com, 2006). Another self-made enemy by user of the computer system is the environment in which the computer system is physically present. It is always advised by the computer manufacturers as well as by computer experts to keep the computer systems in a well air conditioned control conditions. If the well air conditioned, neat and clean environment is not maintained it can result into physical damage to the computer system as well damaging of the data that is stored in a computer system (Lunjevich, 2010). Although, this point does not come under the cyber securities or cyber-attacks but since this is also one of the reasons for losing the stored information, therefore, it was quite necessary to discuss it at this stage of dissertation (Khaleejtimes.com, 2006). Due to the danger involved in the physical theft of the computer assets, hackers decided to move towards the virtual theft in which the owner of the asset also remains unaware for the particular period that his information is gathered by someone else and hacker is now using his information for his benefits over Internet (Lieberman, 2011). One of the techniques used by the hackers is to develop the viruses and transmit these viruses to the computer of the targeted individuals. These viruses are usually placed on some particular website of the internet and as soon as the computer user enters that website, virus start downloading in the memory of the system and once downloaded then it is auto installed to gather the needed information from the computer system (Blackwell, 2009). Although antivirus introduced by some of the major companies of the world have this ability to trace out the virus and remove it from the systems effectively and efficiently but as the hackers are involved in building up the new viruses with different functions sometimes it becomes hard for antivirus manufacturers to deal with the latest updates in the viruses in a timely manner as viruses are developing at a rapid pace in the world (Blackwell, 2011). According to a rough estimate, each week around millions of anti-viruses are developed by the hackers and spread over the Internet to increase the required information from the targeted individuals (TRA.gov.ae. 2010). Another technique is used by the hackers to damage the computer through virus is the email generator. By using the email generator, different emails are generated by the hackers on some specific interested subject and virus is attached with the email. Once the person opened the email from the hacker, the virus got installed in the system of the person and gathers the required information from the system and store in it (Khaleejtimes.com, 2006). On the next connectivity with the Internet of this specific system, the stored information file is sent back to the hacker that includes all the details of the user of the systems (Blackwell, 2011). As Internet is now widely used by the people also for the shopping purposes and also to view and conduct transactions in their banking accounts, therefore, this fact has more increased the need of having the good cyber security measures (Sean, 2007). If there is not efficient cyber security measures in the Government, then credit card information and the bank account details of the person can also be accessed by a hacker, and then these details can be misused by the hackers and the financial loss will be occurred for the real owner of the credit card or bank account (Blackwell, 2009).2.6 UAE & its EconomyUnited Arab Emirates is also known as UAE. UAE is located in the gulf region of the world. Due to the tourism industry of the UAE, every year millions of tourists from all over the world visit UAE with their families and this give the boom to the business activities and the development of the Information technology information infrastructure in the country (Sean, 2007). In the recent years, there is so much development is done in UAE that it is now included in the list of the most developed countries of the world (Foss, 2009). The United Arab Emirates are situated strategically across the Straits of Hormuz from Iran. The country is among the richest countries of Middle East having a population of approximately 5 million that includes 78 per cent emigrants. The immigrant population has increased with the progress, taking place fast in the UAE (Blackwell, 2011). Higher priorities for the ruling sheikhs are power of the state, growth of the economy, and the Islamic integrity (Foss, 2009). The biggest, richest, and politically most dominant of the 7 inherited sheikhdoms or emirates which include the UAE is Abu Dhabi. Dubai is the 2nd major and most densely populated emirate. Dubai has developed into an important city-state and become the globalized economic hub. The economy of the UAE has developed at a fast rate in recent years, and one of the consequences has been an increase on internet penetration and increasing dependence of critical infrastructure on advanced electronic systems that could be vulnerable to cyber-attacks. Contrary to popular belief, the economy of the UAE is not anymore overwhelmingly oil- based. The economy is more diversified today, and the non-oil manufacturing and service sectors contribute almost 2/3rd of the GDP account of the United Arab Emirates (Blackwell, 2011). Chuck (2010) conveys that, with this development in the economics of the United Arab Emirates, more organizations were attracted towards the United Arab Emirates and started their business in the UAE (Lunjevich, 2010). With the passage of time, use of information and technology also increased in the country than at that period of time it became the responsibility of the UAE Government to safeguards the interests of the foreign investors and one of the major threats to the foreign investors was the large numbers of cyber-attacks that were made by the hackers of the systems and servers of the companies and it cost the loss of millions of dollars to the foreign companies as they always lost something important as the result of these cyber-attacks (Khaleejtimes.com, 2006).2.7Cyber Security in UAECyber security threats and cybercrimes are critical issues that put at risk efforts for establishing the state as a global business centre. Deep Packet Inspection (DPI) is employed to stop, examine, and block network traffic, and the practical solution which recognizes and secures against security risks, containing viruses, worms, as well as hacking attacks which can build extensive security, financial, and logistical issues for entities of government, and businesses (UAEinteract.com, 2007). But, utilizing DPI was controversial as it allowed governments as well as other users spying on individuals and firms (TRA.gov.ae. 2010). The key commercial use for DPI comprises of dealing with network traffic flow, making sure service quality, and carrying out targeted behavioural advertisement, where DPI is used secretly to get marketing information and develop a profile regarding all individual consumers. With computer crime becoming the most important issue in the United Arab Emirates, as proved by the huge rates of cybercrimes and computer system crashes, the use of DPI technologies offer a possible cyber security solution to the crime problem. The truth is Cyber Security is influencing nearly every industry on many different levels. Excluding the direct global and political threat of Cyber war, experts have observed that the Middle Eastern region is facing unparalleled attacks on its financial institutes; they attribute this to the irresistible prosperity of the Gulf States (Lunjevich, 2010). This more emphasizes that the cyber threat comes from an enormous range of interest and intent, so they are changeable and untraceable. The Middle Eastern region is the fastest growing a main target for cyber criminals, frequently as so many regional companies are under equipped to deal with cybercrime. Complicated and advanced cyber-attacks in the United Arab Emirates, that is Stuxnet and Flame have decisively showed that although anti-virus, IDS/IPS and DLP remain vital mechanisms of cyber security, they get failed in delivering the extensive security required at the time of advanced constant threats and abuses. The 2nd major economy of Gulf is also the biggest source of spam in the Gulf after Saudi Arabia (Lieberman, 2011). The United Arab Emirates are the most affected GCC marketplace with fifty six % of the overall attacks, followed by Saudi Arabia that registered 23.4% of the overall GCC attacks. Oman, Bahrain and Kuwait shared an average of 6 % each. According to a study by the Telecommunications Regulatory Authority (TRA), UAEs 82 % of private sector companies operate a business web site, with about the similar average of workers using a computer as part of their working day (Wiesen, 2012). Online crimes are no longer about to steal wealth and identities of people; though these remain the most general and profitable scams (Julia, 2012). Cybercrimes groups are now able to launch devastating attacks on whole defence systems, as well as state infrastructure. At the same time, Internet users were also increasing at a rapid pace in the country. The internet usage growth in the Middle East was 1825% over the past 10 years (2001 - 2011). As of June 2010, the internet penetration of the UAE had reached 75.9% that is the obviously a high percentage as almost 2/3rd of the population of the country is engaged on the Internet usage. (Hughes, 2012) Advanced information technologies provide services that bring convenience and make life easier, but there is a price to pay in terms of dependence to electronics that have become necessary to achieve even mundane tasks in our lives (Wiesen, 2012). Newspapers are available online, which allow them to save on paper, but makes it also easier to deface it to all viewers at the same time. In May 2008, Al-Khaleej newspaper website was hacked, and its' online version defaced in the process. The attackers used this opportunity to convey their political message in this event. According to Symantec's State of Phishing report 2010, the UAE entered the Top 15 of countries most affected by phishing attacks (Higher Colleges of Technology, 2009). The trend has continued, and as the internet becomes more developed in the UAE, the potential for damage from cyber-attacks grows larger as well in the country. The Norton Cyber Crime Report from 2012 explains that there have been 1.5 million cyber victims in the UAE, in 2011, that the average loss per victim was 283$ (Howe, 2012). This shows that cyber security is a serious issue in the UAE, and that the mission of UAE Computer Emergency Response Team CERT is critical (Van, 2008).2.8What are Cyber-Threats?Any given threat to a computer system, whether it is hardware related or software related, is termed as "cyber security risk." These threats are inevitable in the digital world and are deemed to exist just because the system exists (Wiesen, 2012). They cannot be entirely avoided or fixed that easily regardless of the technical advancements in cyberspace. (Julia, 2012). The important part of cyber security is to pay close attention to the security of the computer system because without suitable and comprehensive security measures, the threat is set even if the computer system has not been a victim to one (Townson, 2006). No disastrous incidents have been reported till date hence taking complete cyber securitization measures is the number one priority for everyone. There are no limitations to cyber-attacks; therefore, the security of computer systems is highly important on a regular basis especially because these systems may contain vital information (Julia, 2012). Another important factor is that the cyber security is an integral part of expert Security Studies whether they are individual, collective, economic, political, public or private. If cyber security is not dealt with significantly private security, network security, state security, national security and every related body, are all considered to be at the risk of cybercrime (Van, 2008)2.9Developments of Cyber CrimesInitially, cybercrime was only committed by one IT expert with malicious intent or a small group of IT criminals however; nowadays there are a number of structured and professional cybercrime-committing groups emerging who use their expertise to obtain important information unlawfully (Higher Colleges of Technology, 2009). Statistics shows that, in 2007 and 2008 alone, IT criminals have successfully committed cybercrime estimating USD 8 billion regardless of the development in cyber security. Furthermore, intellectual property worth USD 1 trillion has been stolen from multinationals and worldwide businesses by these criminals in total (Van, 2008). 2.10Geographical importance of Cyber CrimeDespite the fact that the digital world is borderless, and no place can be associated to it, data has proven that cybercrime can be linked to particular geographical features where cyber criminals intend their cyber strikes (Higher Colleges of Technology, 2009). These cyber criminals are expert in their malevolent actions and usually focus on how they can raise the most amount of money for their actions. Their attacks are dependent on the level of the countrys economic development; the level of internet usage in the country and the number of internet users present in the country (Lunjevich, 2010). Once their potential victim is in place, they initiate their cyber-attacks regardless of their own place. Following is an analysis of Cyber-criminal activity in the western part of the world and related statistics. The countries analysed are the United States, Canada and Western Europe (Lieberman, 2011). The Gross Domestic Product or GDP of the United States was $14.66 billion in 2010 which made the US stand second in place. The GDP of European Union was $14.82 topping the US record (Lunjevich, 2010). The number of internet users in USA, Germany, UK, France and Italy were 245 million, 65.125 million, 51.444 million, 45.262 million and 29.235 million respectively. According to these statistics, the US is in second in place again for the number of internet users in the country. (Khaleejtimes.com, 2006) According to interntworldstats.com, the penetration of internet was the most in North America by 78.3% making it the number one country in the world for internet breaches. Europe stood in third place with a 58.3%. (Lieberman, 2011) The usage of internet has increased in the modern society from it being present in schools, libraries, public institutions to offices and at home (Aecert.ae. 2006). The internet is used widely for purchases and online transactions including managing bank accounts. Mobile internet has extended the digital world by cheap internet plans and unlimited access to the internet 24/7 (Foss, 2009) The amount of users being a victim of cyber-attacks as per H1 2012 were 38.8% in the USA, 28.8% in Germany, 36.8% in UK, 36.3% in France, 43.5% in Italy and 32.1% in EU. Operating systems most commonly being penetrated were Windows, Android devices and Mac OS X (Howe, 2012) This analysis proves that the majority of heavy internet users are present in western countries. The internet has been the most common way to communicate and interact long distance since the time it was introduced, hence making it one of the most important facilities of life (Van, 2008). Financial transactions and other monetary related proceedings are dealt with over the internet as well making it one of the most important mediums of the economic world (Xingan, 2007). With increasing threats, the western part of the world has also upgraded their skill-set when it comes to cybercrime. Computer systems have been guarded with special software developed by IT specialists keeping in mind the preceding attacks they have had, making them harder to penetrate into. One of the many basic solutions for internet users in the US and Europe has been the installation of antivirus which protects the computer from common viruses and Trojans (Darrel, 2011). With newer forms of operating systems and continuous development in this area, such countries have been able to counter-attack cyber criminals. With updated security systems, the users in these countries have been able to resist cyber criminals from stealing data unlawfully. In 2012 almost half of the population, in these countries was using Windows 7 which was 6% ahead as compared to the global average (Irvine, 2008). The more advanced operating system is, the secure the system is with its newly integrated security solution. Advanced technology has introduced several new combating methods against malware. ASLR, DEP and digital signature driver installation commands are such examples along with many more. License attached to these operating systems and consistent updates via these operating systems are signs of security itself (Darrel, 2011). 2.11International Extents of CybercrimeInternational extents of Cybercrime are considered as included perspective. During the transfer from sender to recipient E-mail with illegal content often pass through a number of countries or stored outside the country (Irvine, 2008). Close collaboration between the countries convoluted is very important within the cybercrime investigation. The mutual legal prevailing succour agreements are based on complex, prescribed and often stints consuming techniques moreover every so often they do not asylum computers unambiguous research. Settings up procedures are, therefore, vital for a quick response to incidents and entreaties for international cooperation (Steiner, 2009). The internet although may not distinguish border controls, there are means to constrain admittance to certain information (Cybercrime Law, 2009). Some websites can be blocked by the access providers and the service provider who stores a website can avert access to data for those users linked to a particular country on the basis of IP address. Both procedures can be evaded but are nevertheless the apparatuses that in a global network can be used to maintain regional differences. According to the Open Net Initiative reports approximately in about two dozen countries this kind of bowdlerization is practiced (Van, 2008).2.12Cyber Crime ActivitiesThere are many activities that falls under the definition of the cybercrime. However, generally there are two groups in which the cybercrime can be divided: - (Higher Colleges of Technology, 2009) Computer Target Crimes Crimes that is facilitated by the use of computersComputer Target Crimes may include Computer services attacks Virus Attacks MalwareCrimes that are facilitated by the use of the computers includes:- Fraud and theft of identity Accessing of Information Phishing Scams2.13Malicious Technology and its FeaturesNew advances in computer security systems also encourage malware authors to develop new mechanisms for cybercrime especially due to the Western side of the world. Malware developers fancy competing against this mechanisms and lunge into technical complexity to find their perfect cyber-attacks (Irvine, 2008). Because internet users in North America and Europe are the victims of new malware creations which can be either a malware which hides malicious codes in a computer system or money making scheme (Townson, 2006). There are four kinds of classifications for Trojan viruses which is one of the most common kinds of virus found in computer systems: (Wiesen, 2012)

Classification of Trojan virus by type in North America and Western Europe (H1 2012)Figure 1:Classification of Trojan VirusTrojans are commonly known viruses that have been in the cybercrime committing industry for a long time now (Van, 2006). This malware is continually modified with unique coding used to penetrate through any antivirus software in computer systems (Townson, 2006). These advancements have encouraged malware authors to develop viruses for other special purposes, as well. One of the main fascinations for cyber criminals is to monitor user activity and collect important data illegally. Some examples of such a Trojan are Trojan-Banker, Trojan-Spy.Win32.Zbot, Backdoor and Trojan-Spy.Win32.Spyeyes which have been used to access online banking systems and allowed the cybercriminal to have discretionary access to the account owners funds (Julia, 2012). Another way of extorting money from an internet user is through the use of rogue antivirus programs and ransom-ware which are viruses designed with multi-purposes (Hughes, 2012). Such viruses allow the cybercriminal to extract the users data and download other malicious viruses to the system.Main ways of making moneyMalicious programs used by cybercriminals (according to Kaspersky Lab classification)

Financial data theft(Getting access to finance-related accounts; Internet banking, PayPal, Ebay)Trojan-Banker, Trojan-Spy, Backdoor

Installation and sale of rogue antivirus programsTrojan-FakeAV

Theft of accounts to paid services, online games and services (Steam, WoW, Facebook, Skype, etc.)Trojan-PSW, Trojan-GameThief, Trojan-Spy

Personal data theftBackdoor, Trojan-Spy

The substitution of search results, ads, click fraudTrojan-Clicker, Trojan.Win32.DnsChanger, Backdoor

BlackmailTrojan-Ransom

Table 1:Cyber Crime and Money MakingBelow is a detailed account on how cyber criminals are earning their way through with viruses and other malware: Acquiring Financial DataWith advancing technology, the usage of internet banking has increased and so has the presence of Trojans stealing this data specifically in the US, Canada and Western Europe. Some of the infamous malwares are listed below: (Julia, 2012) Sinowal or Mbroot is a backdoor which collects financial data and infects the first boot record on the hard drive. Zbot or ZeuS is used globally to attack accounts of any bank. This malware is being further developed after its second version. SpyEye is another globally renowned Trojan which has the same purpose of attacking bank accounts and which competes against Zbot ZeuS

Statistics has shown that amongst all the cyber-attacks in 2012 in US, Canada and Western Europe 70% were Backdoor,Win32.Sinowal Mebroot attacks, 41% were Trojan.Spy.Win32.SysEye attacks out of which quarter of all Tro-Spy (Hughes, 2012).Win32.Zbot attacks were resisted. Paypal and Ebay accounts are also very tempting to break into for cyber criminals. 34% and 9% accounts were infected for these services respectively. Phishers are able to steal money from such account since they are linked with credit cards (Julia, 2012). They also try to swipe away more personal data such as social security numbers, date of births and cvv2 security codes of cards. Protective measures have been taken to battle account information stealing problems especially by the American and European banks. Some solutions such as e-token authentications, single-entry passwords, transaction confirmations via text on mobiles, have been put into place to deal with cyber-attacks on bank accounts (Khaleejtimes.com, 2006). Cybercriminal minds are constantly working towards creating and updating malwares to defeat these solutions. One prime development of such advancements is the creation of Zitmo program that has a dual functionality. It allows access to a persons mobile phone and can also access European bank accounts with the two-step authentication system (Lunjevich, 2010) (Lunjevich, 2010). Some malwares work hand in hand where a virus as Zbot ZeuS obtains the user name and password to enter the online banking system via an infected computer and Zitmo forwards the transaction authorization code to the criminal mastermind. This process is commonly used to transfer money from one place to another (Euromonitor International, 2009). In 2010, the arrested revealed how profitable this trend became for cyber criminals who were obtaining handsome amounts of money from online bank accounts and similar systems. They managed to extract funds worth $9 million in just three months using Trojan-Spy (Lieberman, 2011).Win32.Zbot from 600 accounts. There were many other incidents that went untraced hence the exact figure cannot be established, however, research provides that, with a number of cyber criminals in the market, the figure is likely to exceed 10 times more than this amount (Lunjevich, 2010). Direct and personal attacks on users are usually effective when cyber criminals obtain personal data. This information can be used in phishing emails sent to the bank where a person has his account at works if the correct bank is sent an email (Lieberman, 2011). Cyber criminals also use personal information.

The dynamics of rogue antivirus detections in the US, Canada and Western Europe in 2011-2012Figure 2: Dynamics of Rogue AntivirusThe distribution of these programs initiated in 2011 in the western part of the world. Rogue antivirus for Mac OS X was introduced in Mar and was spread with the help of partner programs. In the same year, Kaspersky Lab found that there are over 900,000 rogue antivirus programs which were the highest number of viruses ever found (Hughes, 2012). The authorities arrested PavelVrublevsky and two other cyber-criminal gangs who were known to be connected to these programs. Numerous search engines were made aware of these programs as well and took a step to actively remove all such malicious links from search engine results (Wiesen, 2012). 2012 was another year of its growing attacks, however, post-2012 these attacks were controlled and regulated to halt its extension (Howe, 2012). Although rogue antivirus is believed to be a steady source of income for many cyber criminals and their partners, they do not bring lucrative amounts as they previous did for them. Factual evidence has proven that cyber criminals were able to steal $ 72 million from 960,000 internet users in 2011 over three years who were later arrested in Latvia during sometime in June (Julia, 2012). Malicious search results have also targeted western internet users and ads on search engines which are yet another way to make money for cyber criminals (Van, 2008). The idea was brought up when search engines started to display advertising links on the top of the standard search results. These ads were replaced by money-making links for cyber criminals as each click on these ads meant a particular amount paid by the advertiser going to the mastermind behind the replacement (Xingan, 2007).

A sample of a Russian hacker informing others on a forum for substitution of search results in the US, Canada, the UK and AustraliaFigure 3:Russian Hacker InformationThe technical explanation behind this design is that Trojan programs modify the DNS servers/host files settings allowing user searches to