According to the latest cyberthreats reports, the UAE is facing a growing cybersecurity challenge, marked by a notable increase in malware detections among clients from January to May 2024. This surge reflects broader regional trends, with the UAE being identified as a 'prime target' for ransomware attacks.
Across EMEA, including Bahrain and Egypt, escalating threats underscore the urgent need for enhanced cybersecurity measures.
Also Read: FortiGuard Labs: Rise in Attack Impact Overshadows Decline in Ransomware Detection
The Middle East’s Threat Landscape
The UAE has seen a significant rise in the percentage of clients reporting malware detections in early 2024, with figures rising from 17.6% in January to 29.3% in both April and May.
Despite these increases, the UAE’s monthly percentages of global detections remain lower compared to high-risk countries like Germany, France, and Egypt. This indicates a growing but still manageable cyber threat landscape.
However, the sharp increase in malware detections among UAE clients reflects a concerning trend of escalating cyber threats, emphasizing the urgent need for enhanced cybersecurity measures.
The UAE has been highlighted as a significant target for ransomware attacks, according to the country’s Cyber Security Council. In 2023, data breaches in the Middle East cost an average of over USD 8 million, emphasizing the financial repercussions of such incidents.
Between January and May 2024, malware detections in the UAE rose by 11.7%. This uptick mirrors a larger pattern across EMEA nations, where increasing malware detections and notable ransomware incidents are becoming more frequent.
For instance, the ransomware attack on Seven Seas Technologies in the UAE during the first half of 2024 highlights the region's vulnerability to such threats, similar to high-profile cases in other EMEA countries.
Globally, Bahrain, Egypt, and South Korea were the top countries targeted by malware attacks in the first quarter of 2024. In April of this year, Bahrain had the highest malware detection rate (63.2%) in April, followed by Egypt with 42.6%.
Also Read: Increased Attacks on Network Infrastructure Observed in 2023
Emerging Trends
Ransomware is a major threat to small and medium-sized businesses (SMBs), especially in government and healthcare sectors. The latest study unveiled that among the top ransomware groups, LockBit, Black Basta, and PLAY were responsible for 35% of the attacks reported during the period.
From January to May 2024, managed service providers (MSPs) faced frequent attacks, with email phishing being the most common. Attack methods like social engineering, exploiting vulnerabilities, credential theft, and supply chain attacks were also used to breach MSPs.
The top MITRE ATT&CK techniques included PowerShell, Windows Management Instrumentation, Process Injection, Data Manipulation, and Account Discovery.
Alarmingly, cybercriminals are also deploying AI-generated attacks. These include malicious emails, deepfake business email compromise (BEC), deepfake extortions, KYC bypass, and malware creation.
On a lighter note, while AI aids attackers, it also helps defenders by enabling 24/7 detection and reporting of threats, allowing experts to respond swiftly and ensure business continuity.
In conclusion, given the escalating cyber threats, it's crucial for organizations globally and locally to invest in robust cybersecurity measures, including regular vulnerability assessments, employee training on phishing and social engineering, and the adoption of advanced AI-driven threat detection and response systems.
Continue Reading:
Building a Cyber-Defense Strategy