UAE counters over 200,000 cyberattacks daily

The UAE counters over 200,000 cyberattacks on a daily basis, according to the UAE Cyber Security Council.

These attacks, originating from cyberterrorist groups in 14 different countries, are aimed at the country’s most critical sectors, including government, finance, and healthcare, according to WAM.

While the scale is alarming, the Council has been quick to respond, using cutting-edge cybersecurity methods to neutralize the threats.

Which sectors are most vulnerable?

The government sector is bearing the brunt, with 30% of the total attacks aimed at it. The financial and educational sectors aren’t far behind, each taking 7%, while industries like aviation, healthcare, and technology each face 4%.

The remaining sectors comprise 44% of total cyberterrorist attacks.

What are the most common types of attacks?

The nature of these attacks varies, but most focus on critical infrastructure. A large portion — 40% — is aimed at information technology systems and infrastructure. Cybercriminals are also targeting file-sharing systems (9%) and exploiting database vulnerabilities (3%). Notably, ransomware attacks, led by the “Blackcat” group, account for 51% of all ransomware incidents.

The most common attack methods include phishing (10%), malware (22%), and unauthorized access attempts (15%). Incorrect configurations are also a significant vulnerability, accounting for 27% of attacks, followed by malware (22%), scanning and login attempts (15%), and phishing schemes (10%). Other tactics included unauthorized access (15%) and web-based attacks (11%).

The Cyber Security Council also identified the most dangerous discovered hacking methods and threats. Denial-of-service (DoS) attacks targeting endpoint devices remain the most common, accounting for 39% of all incidents. Encryption and data leakage attacks followed at 37%, while breaches of internet-connected applications made up 24%, ransomware attacks at 7%, and other attacks at 11%.

Use of AI in cyberattacks

The council explained that recent and complex breach attempts had been detected, revealing the use of artificial intelligence technologies, which pose significant challenges targeting digital infrastructure.

The Council emphasized the necessity for all government and private entities to comply with cybersecurity standards to avoid exposure to such malicious cyberattacks.

It warmed that AI is being used to develop more sophisticated malware, create convincing deepfake content, and conduct social engineering attacks. The integration of AI into ransomware programs has made these threats harder to detect, posing significant challenges to digital infrastructure.

Proactive measures urged

The Council anticipates that the current year will witness continued cyberattacks, with the adoption of modern and advanced technologies by entities. These attacks will range from traditional ones, like phishing and social engineering, to newer, more complex cyberattacks using AI, which are harder to detect without more advanced techniques.

The council called on government and private entities to comply with national cybersecurity standards.