Government, Energy, and IT sectors identified as primary targets for cyber threat actors in the UAE

Cybersecurity is established as one of the priorities of companies in the UAE, proof of this is the increase in investment and the participation of the CISO in the management committee. Cybersecurity in UAE’s companies is one of the top priorities; new work models and growing cyber threats have caused companies to dedicate more staff and capital to mitigating these types of risks. The analysis carried out by the UAE Cyber Security Council and CPX Holding announced the release of the ‘State of the UAE – Cybersecurity Report 2024’.

Highlighting the situation\’s urgency, the report has identified over 155,000 vulnerable assets within the UAE, with more than 40% of critical vulnerabilities remaining unaddressed for over five years. This vulnerability, coupled with the surge in advanced cyber-attacks such as ransomware, underscores the essential need for robust cyber defences in a region that is at the forefront of AI-driven technological innovations and geopolitical significance.

“In an era marked by increasingly sophisticated cyber threats that pose significant risks to our national security, the imperative for collective vigilance and strategic action has never been greater. The entire ecosystem should engage proactively in reducing the UAE’s vulnerability to these threats. This report serves as an urgent call to action for all stakeholders to unite in enhancing our cybersecurity measures, thereby protecting our digital infrastructure and securing the economic well-being and safety of our nation,” said H.E. Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government.

The Government, Energy, and Information Technology sectors are the most targeted by cyber threat actors, and traditional attack vectors such as Business Email Compromise (BEC) and phishing remain prevalent, still posing a continuous threat. These methods are likely to become more sophisticated with the integration of AI tools, enhancing social engineering efforts, phishing lures, and the deployment of deep-fake technology to deceive victims. 

The trend is further compounded by the financial repercussions of data breaches, with the Middle East, including the UAE, experiencing the second-highest data breach costs globally, reflecting the economic targets of cyber threat actors against the backdrop of Gulf prosperity. The rise in Distributed Denial of Service (DDoS) attacks further emphasizes the geopolitical intricacies of cyber threats, necessitating a comprehensive and strategic defense mechanism to protect the nation.

The report also highlights the unique cybersecurity challenges faced by the UAE, including advanced persistent threats (APTs), the increasing reliance on digital infrastructure, and the sophisticated tactics of cybercriminals. It emphasizes the need for the UAE to enhance its defense capabilities and foster a culture of cybersecurity awareness across all sectors of society.