AI Reshapes Cybercrime Economics, Posing New Threats for Middle Eastern Enterprises, Says Isabelle Meyer of Zendata

In an era where cyber threats are evolving at an unprecedented pace, businesses in the Middle East must adapt to maintain continuity and security. Isabelle Meyer, CEO and Co-Founder of Zendata, emphasizes the urgent need for enterprises to reassess their cybersecurity strategies in light of new challenges, particularly as remote work becomes more prevalent once again.

The Return of Remote Work: Lessons from the Pandemic

The irony is stark: while many Fortune 500 companies struggled to adapt during the COVID-19 pandemic, cybercriminals swiftly pivoted their tactics. As the world transitioned to remote work, threat actors seized the opportunity, launching phishing campaigns that capitalized on pandemic-related fears. Within days, phishing kits were rebranded with COVID-19 themes, and vulnerabilities in VPNs were exploited en masse.

As employees across the UAE prepare to return to their home offices, the cybercriminal landscape is already shifting. Fake airline support accounts and banking scams are just the beginning of a new wave of attacks. The lessons learned from 2020 must not be forgotten, and businesses must act decisively to fortify their defenses.

First, it is crucial to understand that a VPN is not a comprehensive security solution; it merely serves as a corridor. During the pandemic, organizations hastily pushed employees through VPN tunnels, mistakenly labeling it as “secure remote access.” This created a long hallway where, once one endpoint was compromised, attackers could easily infiltrate the corporate network.

By 2025, Zero Trust Architecture should no longer be a buzzword but rather a standard practice. Every user, device, and session must undergo verification, regardless of its origin. In the UAE, where hybrid work has become the norm, enterprises should already be implementing these measures. If they have not done so, they are already behind.

Second, employees represent both the greatest vulnerability and the most effective defense. The same psychological tactics that led individuals to click on “COVID update” links in 2020 are now being employed against tourists targeted by fraudulent airline support accounts. Urgency, fear, and trusted brand names remain effective tools for attackers.

Businesses must invest in continuous, scenario-based security awareness training rather than relying on annual checklists that are quickly forgotten. When employees are stressed and distracted, they become easy targets for cybercriminals.

Third, organizations must patch their processes, not just their systems. Many breaches during the pandemic occurred not due to sophisticated exploits but because employees accessed corporate systems from personal devices without adequate policies in place. Companies should ensure that their Acceptable Use Policies, Incident Response Plans, and Business Continuity Plans are updated to accommodate a rapid return to remote work.

The UAE boasts one of the most advanced digital infrastructures globally, supported by frameworks from the UAE Cybersecurity Council and NESA. However, the lessons of 2020 are clear: the question now is whether business leaders will treat this as a fire drill or a genuine crisis.

The Evolving Cyber Threat Landscape

The current threat landscape is marked by a blend of AI-powered phishing, brand impersonation, and opportunistic ransomware, creating what Meyer describes as a “crisis cocktail.” The danger lies not only in the sophistication of these attacks but also in their seamless execution.

AI-Powered Spear Phishing has emerged as the weapon of choice for cybercriminals. Gone are the days of poorly written emails from Nigerian princes. Today’s AI-generated phishing emails are contextually relevant, grammatically flawless, and deeply personalized. Attackers scrape LinkedIn profiles and cross-reference corporate websites to craft messages that resonate with their targets, often referencing specific individuals and current events.

In a crisis environment, employees are more likely to fall victim to these attacks, particularly when they receive emails that appear to be critical IT security updates. The click-through rates for such emails can be alarmingly high.

Brand impersonation is another prevalent tactic, especially in the UAE, a major international travel hub. Airlines, banks, and government entities are frequently targeted, with attackers creating fake customer service numbers and spoofed accounts. These low-cost, high-yield attacks require minimal technical expertise, making them particularly appealing to cybercriminals.

Ransomware attacks are likely to follow disruptions, as opportunistic gangs exploit the chaos. When organizations rush to re-establish remote access, security measures are often compromised. Unpatched systems and misconfigured cloud environments create fertile ground for ransomware deployment, particularly for mid-sized enterprises and critical infrastructure suppliers lacking dedicated security operations.

Additionally, the rise of Operational Technology (OT) and Internet of Things (IoT) attacks on smart infrastructure poses a new threat. The UAE’s significant investments in smart city technology and connected systems make it a prime target for state-sponsored or state-adjacent threat actors.

Leveraging AI: A Dual-Edged Sword

Meyer highlights a critical truth for Chief Information Security Officers (CISOs) in the region: AI has fundamentally altered the economics of cybercrime, and not in favor of businesses. Historically, sophisticated cyberattacks required skilled human operators and significant resources. However, AI has democratized this sophistication, enabling even moderately technically literate individuals to launch complex attacks using commercially available tools.

The barrier to entry for high-quality cybercrime has collapsed. At Zendata, the increase in the volume, velocity, and sophistication of attacks targeting Middle Eastern organizations is evident in threat intelligence feeds. AI is not only enhancing existing attack types but also enabling entirely new patterns that evolve faster than traditional defenses can adapt.

However, there is an opportunity for organizations willing to invest intelligently in AI for defense. Meyer offers several key recommendations for enterprises:

1. Fight AI with AI: Deploy AI-driven threat detection and response tools capable of identifying anomalous behavior in real time. Behavioral analytics, AI-powered Security Information and Event Management (SIEM) platforms, and automated response capabilities are essential components of modern cybersecurity infrastructure.

2. Invest in Regionally Relevant Threat Intelligence: Generic global threat feeds are insufficient for the UAE’s unique landscape. Organizations need intelligence that reflects the geopolitical context, specific sectors under threat, and the tactics, techniques, and procedures (TTPs) of active threat actors.

3. Conduct an Emergency Security Posture Review: Organizations should assess their critical assets, identify high-risk remote access points, verify endpoint protection, and ensure that incident response teams are prepared for potential breaches.

4. Make Business Continuity a Board-Level Priority: Cybersecurity is not merely an IT issue; it is a business risk that demands attention from the boardroom. In a region where business confidence and reputation are closely linked, significant breaches can have far-reaching consequences.

According to publicly available www.tahawultech.com reporting, the urgency for Middle Eastern enterprises to adapt to these evolving threats cannot be overstated. As the landscape continues to shift, organizations must remain vigilant and proactive in their cybersecurity efforts.

For the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East: Middle East