The UAE has seen a sharp rise in cyber threats in 2024, particularly ransomware attacks, with 34 reported incidents between January and November, up from 27 in all of 2023, according to Acronis Threat Research Unit data. This increase reflects the nation’s prominence globally, making it a prime target for cybercriminals aiming to exploit vulnerabilities in finance, telecommunications, government, and critical infrastructure sectors. Additionally, as per the same report, Malware detections have also surged by 65.3%, jumping from 16.05% in 2023 to 26.52% in 2024.
Cybercriminals are increasingly using advanced malware and encryption techniques to attack financial institutions, targeting banks and financial services, and seeking to extort companies or sell stolen data on the dark web. With the cost of data breaches in the Middle East averaging $8.7 million, financial organisations in the UAE are under growing pressure to fortify their cybersecurity measures to protect sensitive data and avoid significant financial and reputational damage.
UAE’s critical infrastructure sectors, including energy, oil, and gas, are also facing heightened risks. Experts predict that cyberattacks on industrial control systems (ICS) and operational technology (OT) could severely disrupt production and lead to major financial losses. “The growing use of smart city technologies and the expansion of IoT in the UAE are increasing the digital attack surface,” said Ziad Nasr, General Manager of Acronis Middle East. “As more devices and systems become interconnected, cybercriminals have greater opportunities to exploit vulnerabilities, potentially essential services.”
The UAE’s strategic geopolitical position further elevates its vulnerability to cyber threats, particularly from nation-state actors. Advanced Persistent Threats (APTs), often targeting government and defence sectors, are expected to intensify in 2025. These groups deploy advanced tactics, such as spear-phishing, to breach critical systems.
Furthermore, the UAE’s strategic geopolitical position makes it a prime target for nation-state actors deploying Advanced Persistent Threats (APTs). These groups often target government and defence sectors, using sophisticated tactics such as spear-phishing to infiltrate critical systems.
In comparison to its regional peers, the UAE leads the Middle East in reported cyber incidents. For example, Saudi Arabia recorded 11 ransomware attacks in 2024, Lebanon saw an increase from 2 to 7, Oman from 3 to 4, and Jordan experienced a decline from 3 to 1. This positions the UAE as the most affected in the region, facing a higher volume and more complex cyber threats than its neighbours.
Phishing attacks are expected to evolve in 2025, with the integration of AI and deepfake technology enabling attackers to convincingly impersonate executives. This will create significant risks through Business Email Compromise (BEC) schemes and other social engineering tactics.
To combat these rising threats, Acronis urges organisations to adopt advanced cybersecurity solutions and strengthen their defences. This will be crucial for safeguarding the nation’s economic stability and boosting its resilience against the growing tide of cyber risks.
While the UAE may not rank among the top nations globally for cyberattack volume, its position as a regional target is clear. The sophistication and increasing frequency of attacks, augmented by AI, challenge the nation’s cybersecurity infrastructure. As the UAE moves toward becoming an ‘AI nation’, it faces both new opportunities and risks, making it essential to adopt comprehensive cybersecurity strategies and foster greater cooperation across sectors to mitigate evolving threats.
Discussion about this post