emirates7 - Dr. Mohamed Hamad Al Kuwaiti, Head of the UAE Government Cybersecurity Council, has affirmed that the UAE possesses an advanced and integrated national cybersecurity ecosystem capable of detecting and countering digital threats with high efficiency.
"Over 90,000 to 200,000 breach attempts strike the UAE infrastructure every single day," Al Kuwaiti told the Emirates News Agency (WAM), adding that all are proactively thwarted without impacting service continuity or data security.
He said that since the beginning of 2026, 128 confirmed cyber threat incidents have targeted entities across the UAE, including ransomware attacks, government breaches, and data leaks or breach incidents. He stressed that all incidents were addressed under unified national response protocols to ensure rapid containment and risk mitigation.
He explained that government administration and the financial services and banking were among the most targeted sectors, alongside other vital sectors. Threats included website defacement, data leaks, data breaches, initial access, ransomware, denial-of-service (DDoS) attacks, state-sponsored/APT, among others.
Al Kuwaiti said threat intelligence analysis showed that a significant proportion of these attacks were carried out by state-sponsored advanced threat groups, in addition to cybercriminal activities and hacktivist groups. These are continuously monitored and tracked through national monitoring systems in coordination with the relevant authorities.
On digital rumours and the use of deepfake technologies, he said such threats are being actively used to erode public trust, manipulate markets, and damage the country’s international reputation.
He noted that the UAE continuously monitors attempts to publish misleading or fabricated content, particularly targeting the financial, economic and banking sectors or exploiting the names of official figures.
Al Kuwaiti added that there is no official figure for deepfake cases related to the UAE, but fabricated videos are increasingly being used, including content depicting public figures promoting fraudulent schemes or issuing false decisions, aimed at undermining public trust, influencing markets, and harming the country’s international reputation.
"Regional geopolitical tensions across North Africa, the Gulf, and broader Middle East information spaces have intensified online narratives targeting the UAE. Conflict-driven discourse, diplomatic friction, and AI-enabled disinformation activity have increased rumor propagation and hacktivist mobilization across regional digital ecosystems," he said.
He noted that 21 actively tracked APT threat actor groups and 60 unique hacktivist and cybercriminal actors indicate that attacks on UAE infrastructure originate primarily from Asia, Europe and South America.
By continent-level breakdown, Asia accounts for approximately 66.7 percent of state-sponsored actor origins, Europe 14.3 percent, while Middle Eastern or cross-regional actors make up the remainder.
In terms of operational networks, 49.2 percent of tracked incidents were coordinated via Telegram, 40.6 percent through the open web (forums and marketplaces spanning global geographies), and 10.2 percent through Tor-based dark web infrastructure (primarily associated with ransomware ecosystems).
Al Kuwaiti explained that the UAE addresses these threats through an integrated technical and legislative framework that includes early detection, advanced content analysis, community awareness, and the development of regulatory frameworks for artificial intelligence to limit misuse.
The national strategy for 2025–2031, approved in February 2025, represents a comprehensive roadmap to strengthen cybersecurity in the country. He also referred to the centralised National Security Operations Centre, which serves as a hub for monitoring alerts and detecting threats across multiple operations centres nationwide, enabling real-time threat intelligence sharing and coordinated response.
Regarding the types of cyberattacks, he said defacement accounted for 38.3 percent of total incidents, followed by data leaks at 25.8 percent, data breach at 13.3 percent, initial access at 10.2 percent, ransomware attacks at 7.8 percent, and DDoS attacks at 4.7 percent.
He highlighted that state-sponsored/APT accounted for 71.4 percent of tracked threat actors (15 of 21 groups), while eCrime/Criminal of tracked threat actors and hacktivist groups each represented 14.3 percent.
On the most targeted sectors, Al Kuwaiti said Government Administration ranked first at 9.4 percent, followed by Financial Services & Banking at 9.3 percent and Real Estate at 5.5 percent. Construction & Engineering accounted for 4.7 percent, Professional Services, and Transportion & Logistics 3.9 percent each, while Hospitality & Tourism, Education, and Marketing & Advertising each recorded 3.1 percent. Luxury Goods & Jewellery, architecture and planning, and management consulting each stood at 2.3 percent.
Al Kuwaiti affirmed that the UAE continues to invest in developing and qualifying national talent in cybersecurity through specialised programmes, leadership academies and competitive training initiatives, in addition to supporting innovation and entrepreneurship in this vital sector, contributing to strengthening digital sustainability and national security.
On international cooperation, Al Kuwaiti said the UAE adopts an active policy to strengthen regional and international partnerships in cybersecurity through multilateral channels and bilateral agreements for the exchange of threat intelligence, coordination in incident response, and the enhancement of digital resilience.
He stressed that this approach reflects the country’s commitment to protecting its national cyberspace while maintaining responsible international cooperation to address cross-border threats, within a balanced framework that upholds national sovereignty and effective global collaboration.
"Over 90,000 to 200,000 breach attempts strike the UAE infrastructure every single day," Al Kuwaiti told the Emirates News Agency (WAM), adding that all are proactively thwarted without impacting service continuity or data security.
He said that since the beginning of 2026, 128 confirmed cyber threat incidents have targeted entities across the UAE, including ransomware attacks, government breaches, and data leaks or breach incidents. He stressed that all incidents were addressed under unified national response protocols to ensure rapid containment and risk mitigation.
He explained that government administration and the financial services and banking were among the most targeted sectors, alongside other vital sectors. Threats included website defacement, data leaks, data breaches, initial access, ransomware, denial-of-service (DDoS) attacks, state-sponsored/APT, among others.
Al Kuwaiti said threat intelligence analysis showed that a significant proportion of these attacks were carried out by state-sponsored advanced threat groups, in addition to cybercriminal activities and hacktivist groups. These are continuously monitored and tracked through national monitoring systems in coordination with the relevant authorities.
On digital rumours and the use of deepfake technologies, he said such threats are being actively used to erode public trust, manipulate markets, and damage the country’s international reputation.
He noted that the UAE continuously monitors attempts to publish misleading or fabricated content, particularly targeting the financial, economic and banking sectors or exploiting the names of official figures.
Al Kuwaiti added that there is no official figure for deepfake cases related to the UAE, but fabricated videos are increasingly being used, including content depicting public figures promoting fraudulent schemes or issuing false decisions, aimed at undermining public trust, influencing markets, and harming the country’s international reputation.
"Regional geopolitical tensions across North Africa, the Gulf, and broader Middle East information spaces have intensified online narratives targeting the UAE. Conflict-driven discourse, diplomatic friction, and AI-enabled disinformation activity have increased rumor propagation and hacktivist mobilization across regional digital ecosystems," he said.
He noted that 21 actively tracked APT threat actor groups and 60 unique hacktivist and cybercriminal actors indicate that attacks on UAE infrastructure originate primarily from Asia, Europe and South America.
By continent-level breakdown, Asia accounts for approximately 66.7 percent of state-sponsored actor origins, Europe 14.3 percent, while Middle Eastern or cross-regional actors make up the remainder.
In terms of operational networks, 49.2 percent of tracked incidents were coordinated via Telegram, 40.6 percent through the open web (forums and marketplaces spanning global geographies), and 10.2 percent through Tor-based dark web infrastructure (primarily associated with ransomware ecosystems).
Al Kuwaiti explained that the UAE addresses these threats through an integrated technical and legislative framework that includes early detection, advanced content analysis, community awareness, and the development of regulatory frameworks for artificial intelligence to limit misuse.
The national strategy for 2025–2031, approved in February 2025, represents a comprehensive roadmap to strengthen cybersecurity in the country. He also referred to the centralised National Security Operations Centre, which serves as a hub for monitoring alerts and detecting threats across multiple operations centres nationwide, enabling real-time threat intelligence sharing and coordinated response.
Regarding the types of cyberattacks, he said defacement accounted for 38.3 percent of total incidents, followed by data leaks at 25.8 percent, data breach at 13.3 percent, initial access at 10.2 percent, ransomware attacks at 7.8 percent, and DDoS attacks at 4.7 percent.
He highlighted that state-sponsored/APT accounted for 71.4 percent of tracked threat actors (15 of 21 groups), while eCrime/Criminal of tracked threat actors and hacktivist groups each represented 14.3 percent.
On the most targeted sectors, Al Kuwaiti said Government Administration ranked first at 9.4 percent, followed by Financial Services & Banking at 9.3 percent and Real Estate at 5.5 percent. Construction & Engineering accounted for 4.7 percent, Professional Services, and Transportion & Logistics 3.9 percent each, while Hospitality & Tourism, Education, and Marketing & Advertising each recorded 3.1 percent. Luxury Goods & Jewellery, architecture and planning, and management consulting each stood at 2.3 percent.
Al Kuwaiti affirmed that the UAE continues to invest in developing and qualifying national talent in cybersecurity through specialised programmes, leadership academies and competitive training initiatives, in addition to supporting innovation and entrepreneurship in this vital sector, contributing to strengthening digital sustainability and national security.
On international cooperation, Al Kuwaiti said the UAE adopts an active policy to strengthen regional and international partnerships in cybersecurity through multilateral channels and bilateral agreements for the exchange of threat intelligence, coordination in incident response, and the enhancement of digital resilience.
He stressed that this approach reflects the country’s commitment to protecting its national cyberspace while maintaining responsible international cooperation to address cross-border threats, within a balanced framework that upholds national sovereignty and effective global collaboration.
الرجاء الانتظار ...