UAE, Saudi Arabia Become Plum Cyberattack Targets

Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.

Cyberattackers and hacktivists are increasingly targeting the United Arab Emirates, the Kingdom of Saudi Arabia, and other nations in the Gulf Cooperative Council (GCC) region. The region is likely a favored target because its a hub for commerce and trade, full of rich economies; and because of regional nations stance on certain geopolitical issues.
Thats according to 18 months of Dark Web data compiled by Moscow-based threat research firm Positive Technologies.
The report stated
that the first half of the year, the number of distributed denial-of-service (DDoS) attacks in the region rose 70%, compared with the same period in the previous year.
Hacktivists use forums as both a way to call like-minded hackers to action and to publish evidence of their success against specific targets, says Anastasiya Chursina, a threat analyst with Positive Technologies.
We believe that this trend may continue and the number of attacks carried out by hacktivists will go up, she says. At the same time, the level of other attacks will increase, which will entail an increase in the number of risks and negative consequences for companies in the region.
Both Saudi Arabia and the UAE topped the chart of targeted nations in
a March analysis of two years of attacks in the region
. The UAE alone faces
an average of 50,000 cyberattacks every day
, the head of cybersecurity for the UAE government said earlier this year, while the country also
has a rapidly growing attack surface
.
More attacks are also being publicly disclosed: In July, pro-Palestinian hacktivist group BlackMeta
targeted a bank in the United Arab Emirates
with a DoS campaign that lasted more than 100 hours over six days. And in April, Saudi Arabia was added to the list of organizations
targeted by the suspected China-linked group Solar Spider
.
The increase of DoS attacks — rather than Web defacements or system breaches — may indicate an influx of new threat actors. The attackers tactics of choice depend upon their skills and knowledge, and DDoS attacks can be accomplished by novice hackers, says Positive Technologies Chursina.
The main goal of hacktivists is to draw public attention to certain political, social, and religious issues, she says. DDoS attacks are the most popular, as they do not require high professional knowledge and resources, and they can be performed by any novice hacker.
Positive Technologies trove of forum posts and text messages totals 277 million items from 380 Telegram channels and Dark Web forums. For its GCC report, the company focused on six major nations in the region: the UAE, Saudi Arabia, Bahrain, Oman, Qatar, and Kuwait.
Stolen data and illicit access accounted for the topic of more than half (54%) of the posts, with the vast majority of of users selling or buying access. These posts focused on five sectors: trade, services, manufacturing, IT, and government agencies.
About 12% of the posts included a call to action for hacktivism or evidence of a successful hacktivist attack, according to the report. About 9% of hacktivist posts also advertised free credentials for use in attacks.
Access giveaways represent a new trend for the region that first appeared in H2 2023, the report stated. Most access giveaways (70%) contained the credentials of government agency employees.
Cyberattacks have become the preferred battlefield for many groups — both nation-state and dissent organizations — in the region. The stakes are rapidly escalating as well, from Irans
increasing pace of cyber espionage
to
Israels cyber-physical attacks using compromised supply chains
to the compromise of
naval information systems in the region
.
With the UAE and Saudi Arabia increasingly invested in digitization, AI development, and shifting to a knowledge-based economy, organizations in the two nations — and the Middle East at large — need to focus on strengthening their cybersecurity posture, Positive Technologies says.
Dark Web forums are full of offers and services tailored to this region, the companys report stated. The abundance of posts related to the sale of access, often low-cost, makes it easier for attackers to gain initial access to a company and carry out an attack without wasting time looking for new entry points into the infrastructure. Access giveaways are a new trend on the part of haсktivists allowing low-grade hackers to carry out attacks and raise public awareness about social and political issues.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
UAE, Saudi Arabia Become Plum Cyberattack Targets