In the dynamic cyber landscape of the United Arab Emirates (UAE), a startling statistic serves as a clarion call to action: the Nation currently hosts at least with more than 40% of the top vulnerabilities being over five years old.
These vulnerabilities are further exacerbated by threat actors increasingly exploiting such weaknesses remotely, with Remote Access Technologies implicated in 23% of these exploitations. This stark reality underlines the urgent need for robust cyber defences in a country at the nexus of technological advancement and geopolitical significance.
As the UAE continues to flourish, integrating cutting-edge technologies such as AI asserting its prominence in regional and international arenas, it becomes an ever-more attractive target for cyber threat actors. This report provides a comprehensive overview of the cyber threats that emerged in 2023, detailing the major trends observed, the primary threat actors involved, the UAE’s cyber attack surface, common incidents, and the tactics employed by adversaries to infiltrate organizations.
A significant development in 2023 was the detection by CPX of the North Korean-linked Lazarus Group actively engaging in cyber espionage within the UAE. This activity challenges the prevailing belief that the Nation is only targeted by regional adversaries, highlighting the global scale of threats the UAE faces. Additionally, the rise in Distributed Denial of Service (DDoS) attacks, driven by groups with political motives such as Anonymous Sudan and Sylhet Gang, signals a trend likely to continue, fueled by the ongoing regional conflicts.
The Government, Energy, and Information Technology sectors emerged as the most targeted by cyber threat actors. Despite the evolving threat landscape, traditional attack vectors such as Business Email Compromise (BEC) and Phishing remain prevalent, posing a continuous threat. These methods are likely to become more sophisticated with the integration of AI tools, enhancing social engineering efforts, phishing lures, and the deployment of deep-fake technology to deceive victims.
The shift in attack vectors is notable, with a nearly 30% increase in Insider Threat-related incidents and an 18% increase in Drive-by-Downloads, largely driven by a rise in the use of Infostealing Malware and Spyware to acquire organizational credentials. This trend is corroborated by the high occurrence of malicious code, accounting for 22% of all cyber incidents in the UAE.
The report emphasizes that while the cyber threat landscape presents a formidable challenge, effective cyber defences based on core cybersecurity principles can mitigate these risks. It advocates for enhanced cyber defensive capabilities through comprehensive threat intelligence, security monitoring, threat hunting, cybersecurity awareness, and timely patch management.
