In 2024, the Middle East experienced a significant surge in cybersecurity challenges, with state-sponsored attacks and hacktivism emerging as prominent threats. Gulf Cooperation Countries (GCC) were targeted, reflecting the region’s strategic importance.
Advanced persistent threats (APTs) saw a 4.27% increase in the Middle East and Africa (MEA) region, with 27.5% of these attacks linked to state-backed espionage groups targeting GCC nations.
Other countries saw a significant rise in cyber threats including Egypt (13.2%), Turkey (9.9%), Jordan (7.7%), and Iraq (6.6%). African nations, such as Nigeria, South Africa, Morocco, and Ethiopia, also experienced growing vulnerabilities, which are likely attributed to the ongoing development of their digital infrastructures.
Also Read: UAE Successfully Thwarts Ransomware Attacks; Warns of Advanced AI-Powered Tools
The Region’s Increasing Cyber Threats
Hacktivism was an evident cybersecurity challenge, with the MEA region ranking third globally, accounting for 16.54% of attacks. Europe and the Asia Pacific led hacktivism rankings with 35.98% and 39.19%, respectively. The targets of these attacks include government and military sectors (22.1%), financial services (10.9%), education (8%), and media and entertainment (5.2%), disrupting essential services and critical infrastructure.
Phishing and data breaches remained dominant threats across the region. The energy and oil and gas sectors showcased vulnerability, accounting for 24.9% of attacks, followed by financial services at 20.2%. Phishing campaigns also substantially affected internet services (32.8%), telecommunications (20.7%), and financial institutions (18.8%) across the region.
Ransomware attacks were relatively low in the MEA region, with only 184 incidents reported. However, other sophisticated cybercrimes have emerged, involving initial access brokers (IABs), who sell access to compromised systems on underground markets. In 2024, GCC countries accounted for 23.2% of IAB activity in the region, followed by Turkey at 20.5%.
Meanwhile, over 6.5 billion leaked data entries were globally identified, including email addresses, phone numbers, and passwords, highlighting the critical role of underground forums in amplifying cyber risks across the region.
Cybercriminals utilize advanced tactics to breach systems and steal data from organizations across the Middle East and Africa. These techniques include social engineering, ransomware deployment, credential theft, and newly identified methods such as extended attribute (EA) attacks, facial-recognition trojans, and ClickFix infection chains.
As digital transformation accelerates in the Middle East, the data underscores the urgent need to strengthen the region’s cybersecurity defenses to navigate the increasingly complex digital landscape.
More on Cybersecurity:
UAE Cabinet Approves National Cybersecurity Strategy
Qatar Unveils 2024-30 National Cybersecurity Strategy
Malware and Ransomware Incidents Spike in UAE, Bahrain, and Egypt