21 Aug UAE Cyberattacks Driven by Criminal Exploitation, Acronis Report Highlights
- Acronis has published its Acronis Cyberthreats Report for the first half of 2025.
- The report outlines popular threat vectors, active threat groups, and industries under attack.
- Ransomware remains a top concern for medium and large enterprises globally.
The Acronis Cyberthreats Report for the first half of 2025 delivers crucial insights into the evolving landscape of cyber threats. This report, released by Acronis, highlights various attack vectors, identifies active threat groups, and points out the industries most affected by cybercrime.
Among the key findings, ransomware has solidified its position as the principal threat for medium and large businesses worldwide. The report notes an alarming trend where emerging criminal groups are increasingly utilizing artificial intelligence to enhance their operations, making it easier for them to orchestrate attacks.
Phishing, a ubiquitous method of cyberattack, accounted for a striking 25 percent of all recorded incidents. Furthermore, a significant 52 percent of the attacks were directed at managed service providers (MSPs), marking a 22 percent surge compared to the same period in 2024. This uptick highlights the growing vulnerability of MSPs in the face of escalating threats.
Cybersecurity Landscape in the UAE
In the UAE, the findings are somewhat encouraging. The region recorded some of the lowest ransomware detections globally, with figures showing five or fewer incidents per 10,000 workloads between January and June 2025. However, this stability came alongside notable spikes in cyber activity, particularly in March 2025, coinciding with the signing of several Comprehensive Economic Partnership Agreements (CEPAs). After this peak, a brief dip in detections was observed, suggesting that robust security measures implemented during this period had some effectiveness. Yet, by May, attacks surged again as cybercriminals adjusted their strategies in response to security enhancements.
This pattern of targeted attacks also emerged following the catastrophic floods of April 2024. The disruption of services during this time provided fertile ground for cybercriminals to strike, underscoring the opportunistic nature of many attacks.
Comments from Cybersecurity Experts
“The UAE showcases resilience with its impressive low ransomware rates, but the data indicates that attackers are adept at exploiting periods of disruption, whether originating from natural events or economic shifts,” noted Ziad Nasr, General Manager of Acronis Middle East. “As the UAE accelerates its digital evolution and enhances international ties, it is essential for both MSPs and enterprises to intensify their focus on AI-driven detection, proactive vulnerability management, and effective endpoint detection and response (EDR) strategies. This approach is vital for securing critical sectors and fostering long-term cyber resilience.”
Gerald Beuchelt, the Chief Information Security Officer at Acronis, added, “While the ultimate goal for cybercriminals remains ransomware, their methods are evolving. Even less experienced attackers now have access to powerful AI tools, enabling them to conduct sophisticated social engineering attacks with ease. This development poses a constant threat to MSPs, ISPs, and similar entities, as the landscape of attacks becomes increasingly sophisticated, featuring advanced deepfakes. A single misstep can jeopardize the future of these organizations. To navigate this complex threat environment and safeguard against potentially devastating ransomware attacks, it is crucial to adopt a comprehensive cyber protection strategy that incorporates advanced detection mechanisms, robust response options, and effective recovery plans.”
