Recently published document conducts a deep analysis of the rapidly developing cyber landscape of the UAE, emphasizing the critical need for the introduction of advanced cybersecurity measures in response to the increasing complexity and cunning of cyber attacks. At the center of attention is the significant increase in the area of attack. The document provides a detailed analysis of urgent cyber threats and strategies for the UAE. It is noted that the governmental, financial, and energy sectors are identified as the primary targets for attackers.
The main cyber threats include improper configuration, improper use, and illegal activities. The UAE Cyber Council and CPX, a leading supplier of comprehensive solutions and services in the field of cyber and physical security, today announced the release of the 'Cybersecurity Report of the UAE for 2025.' 'Significant progress of the country in the field of cybersecurity reflects the commitment to creating a secure environment, where digital achievements and national resilience go hand in hand.'
CPX’s Principal Director Hadi Anwar added: 'The latest cybersecurity report addresses strategies, policies, and innovations that form the digital transformation of the UAE, while also addressing the complexities of protecting critical infrastructure and sensitive data. Dr. Mohammed Al Kuwait, head of cybersecurity for the UAE government, noted: 'As we stand on the brink of a new era, where the key role is played by the latest technologies, the increase in attacks, mainly based on artificial intelligence, and the expansion of cyber capabilities require a heightened vigilance to ensure the future.'
The report emphasizes the need to improve the country's cyber defenses and to shape a culture of awareness about cybersecurity across all sectors. The most comprehensive practices for mitigating cyber risks include launching and initiating campaigns for education and awareness in the field of cybersecurity, regular audits and checks of compliance in the field of cybersecurity, creating a registry of activities to identify network anomalies, ensuring 24/7 functionality of the Security Operations Center, increasing the number of detection and response tools, implementing reliable AI capabilities for cyber protection, and developing frameworks for managing artificial intelligence.
According to the report, in the UAE, more than 223,800 activities are under cybersecurity threats, most of which remain unprotected for more than five years. The main targets for cybercriminals became the government, financial, and energy sectors. Unsurprisingly, the 'Drive-by Downloads' method remains widely used for initial attack vectors, utilized by attackers, while phishing and web server compromises also pose threats.
On the other hand, from the first half of 2023 to the first half of 2024, the UAE saw a sharp decrease in attacks using distributed denial of service (DDoS) from 58,538 to a total of 2,301. Nonetheless, the threat landscape in the region of Crimea also remains a significant threat, with an increase in the number of encryption group members in the UAE by 58%. The way forward requires international cooperation, innovation, and resilience.
