71.4% of Cyber Threats Targeting UAE Are State-Sponsored, Al Kuwaiti Reports
Since the start of 2026, the UAE has experienced 128 confirmed cyber threat incidents, underscoring the persistent challenges faced by its digital infrastructure. These incidents encompass a range of malicious activities, including ransomware attacks, government breaches, and data leaks. Dr. Mohamed Hamad Al Kuwaiti, Head of the UAE Government Cybersecurity Council, emphasized the country’s robust national cybersecurity ecosystem, designed to efficiently detect and counteract these digital threats.
In a recent statement, Al Kuwaiti noted that a significant 71.4% of tracked threat actors are state-sponsored or advanced persistent threats (APTs), representing 15 out of 21 identified groups. The remaining threat actors comprise eCrime and hacktivist groups, each accounting for 14.3%. He highlighted the alarming frequency of cyber breach attempts, estimating that between 90,000 and 200,000 attempts target UAE infrastructure daily. Remarkably, all these attempts are proactively mitigated without compromising service continuity or data security.
Overview of Cyber Threat Incidents in 2026
The 128 confirmed cyber incidents reported since the beginning of the year include various forms of attacks, such as ransomware, data breaches, and government-targeted incursions. Al Kuwaiti reiterated that all incidents are managed through unified national response protocols, ensuring swift containment and risk reduction.
The sectors most affected include government administration and financial services, which are critical to the UAE’s economy. The types of threats encountered range from website defacement and data leaks to denial-of-service (DDoS) attacks and state-sponsored activities. Al Kuwaiti indicated that a considerable portion of these attacks is attributed to state-sponsored advanced threat groups, alongside activities from cybercriminals and hacktivists. Continuous monitoring and tracking of these threats are conducted through national systems in collaboration with relevant authorities.
Addressing Deepfake Technologies
Al Kuwaiti also addressed the growing concern surrounding deepfake technologies and their potential to undermine public trust. These digital manipulations are increasingly being employed to distort perceptions, manipulate markets, and tarnish the UAE’s international standing. The UAE is vigilant in monitoring efforts to disseminate misleading or fabricated content, especially targeting sensitive sectors such as finance and economics.
While there is no official tally of deepfake incidents related to the UAE, the prevalence of fabricated videos is rising. Such content often features public figures endorsing fraudulent schemes or making false declarations, aimed at eroding public confidence and influencing market dynamics. Al Kuwaiti pointed out that regional geopolitical tensions have exacerbated online narratives aimed at the UAE, with conflict-driven discourse and AI-enabled disinformation intensifying rumor propagation and hacktivist mobilization.
Geographic Origins of Cyber Attacks
The analysis of cyber threats targeting the UAE reveals that attacks predominantly originate from Asia, Europe, and South America. Al Kuwaiti noted the presence of 21 actively tracked APT groups and 60 unique hacktivist and cybercriminal actors. A breakdown by continent shows that approximately 66.7% of state-sponsored actors hail from Asia, while Europe contributes 14.3%. The remaining actors are either from the Middle East or cross-regional sources.
Operational networks for these attacks are diverse, with 49.2% of incidents coordinated via Telegram, 40.6% through the open web, and 10.2% via Tor-based dark web infrastructure. This highlights the sophisticated methods employed by threat actors to execute their malicious activities.
Comprehensive Cybersecurity Framework
To combat these persistent threats, the UAE has established an integrated technical and legislative framework. This includes early detection systems, advanced content analysis, community awareness initiatives, and the development of regulatory frameworks for artificial intelligence to mitigate misuse. The national strategy for 2025–2031, approved in February 2025, serves as a comprehensive roadmap to bolster the country’s cybersecurity posture.
The centralized National Security Operations Center plays a crucial role in this framework, acting as a hub for monitoring alerts and detecting threats across various operational centers nationwide. This enables real-time sharing of threat intelligence and coordinated responses to incidents.
Sector-Specific Targeting
Al Kuwaiti provided insights into the sectors most frequently targeted by cyber threats. Government Administration leads with 9.4%, closely followed by Financial Services and Banking at 9.3%, and Real Estate at 5.5%. Other sectors, such as Construction and Engineering, Professional Services, and Transportation and Logistics, account for 4.7% and 3.9% respectively. The Hospitality and Tourism, Education, and Marketing and Advertising sectors each report 3.1%, while Luxury Goods and Jewelry, architecture and planning, and management consulting each stand at 2.3%.
The ongoing cyber threat landscape in the UAE highlights the necessity for continuous vigilance and proactive measures to safeguard critical infrastructure and maintain public trust.
Source: economymiddleeast.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
