Cybersecurity UAE is a ‘prime target’ for ransomware attacks By Divsha Bhat April 8, 2024, 12:56 PM Unsplash/Jose Aljovin A dedicated cybersecurity team can help to tackle threats, but only 32% of organisations in the energy sector have one Cyber Security Council warning 155,000 systems vulnerable Government and energy targeted The UAE is a “prime target” for ransomware attacks, the country’s Cyber Security Council has warned. Its 2024 State of the UAE Cybersecurity report says the Emirates’ rapid digital transformation has increased its vulnerability to cyberattacks, including ransomware incidents and distributed denial of service (DDoS) attacks. “The broader Middle East region” is a target for fraudsters seeking to extract funds by holding systems ransom, according to Mohamed Al Kuwaiti, head of cybersecurity for the UAE government. NewsletterGet the Best of AGBI delivered straight to your inbox every week He added: “We are witnessing a rise in DDoS attacks against UAE organisations, particularly against our critical infrastructure, amid a challenging geopolitical climate that amplifies cyber threats.” The report, published in March, calculates that there are nearly 155,000 susceptible assets in the UAE. These include insecure network devices, file sharing platforms, email systems and remote access points. Almost 70 percent of these assets are located in Dubai. The report, published by the council with CPX, an Abu Dhabi security company, found that insider threats have grown. This is fuelled by individuals within organisations misusing their network access, leading to data breaches. UAE ransomware payout size grows Emirates companies turn to AI in pursuit of cybersecurity UAE sets itself as the Gulf’s cybersecurity leader Al Kuwaiti warned that as organisations adopt cloud computing, artificial intelligence and machine learning, the cyberattack “surface” would become larger, providing criminals with more avenues for illegal infiltration. The financial implications of data breaches in the Middle East are also rising, with the region recording the second-highest data breach costs after the US. The average cost of a data breach in the Middle East was more than $8 million in 2023, the report said, citing IBM statistics. This is a year-on-year increase of about $600,000 and almost double the global average, which was just under $4.5 million in 2023 The council said government, energy and IT were the most targeted sectors – but a separate study has found that nearly a quarter of oil and gas and government entities in the region lack dedicated cybersecurity teams. The Middle East IT Industry Foresights 2024 report found that only 32 percent of organisations in the energy sector have well-established cybersecurity teams while 39 percent require improvement. In government institutions, almost half have strong security teams but a third need enhancement.