According to research financed by IBM that examined data breaches in 16 countries, cybercrime in the Middle East costed slightly over $8 million (€7.2 million) per incident in 2023. This places the United Arab Emirates and Saudi Arabia, the subjects of the IBM study, in second place globally for this type of financial harm.
In addition, cybercrime expenses in Saudi Arabia and the UAE have been rising for some time. According to the same yearly survey, the average cost of a cyberattack in 2018 was merely $5.31 million.
Why is this happening?
It’s critical to consider the rise in light of the nations’ expanding e-commerce industries and increasing internet use rates, which indicate that more people than ever are using the internet. However, they must be adequately protected, according to the appropriate ministries in the UAE and Saudi Arabia.
Saudi Arabia and the UAE are at the top of the list of countries with the greatest cybersecurity capabilities, according to the most recent rankings from 2020 published by the International Telecommunications Union, or ITU, a specialized United Nations organization.
Experts note that although cybersecurity is becoming more and more essential in the region, there may be differences between the policies of the Gulf states and their actual implementation. This is because the rankings are based on data that the ITU receives directly from the countries.
“The UAE, Saudi Arabia and Qatar are doing extremely well in terms of digitalizing their public services and they also have thriving sector of small and medium enterprises,” says Joyce Hakmeh, deputy director of the International Security program at UK-based think tank, Chatham House, and an expert on cyber policy. “But as is often the case — and this is not just in the Gulf, but pretty much everywhere in the world — this digital transformation is happening so fast, that it can be at the expense of having the right cybersecurity measures in place.”
“The Middle East is a hotbed for data breaches, primarily due to rapid digitization outpacing cybersecurity infrastructure,” confirmed Mohammed Soliman, director of the Strategic Technologies and Cyber Security Program at the Washington-based Middle East Institute.
Additionally, there is the problem of concentrated government authority, which has tried to influence projects over other areas like infrastructure. A 2022 paper written by Bassant Hassib, a political science professor at the European University in Egypt, was published in the journal Middle East Policy. According to Hassib, “bureaucratic obstacles impede national cybersecurity organizations,” citing as equally harmful elements confusing or overlapping tasks, inconsistent regulation execution, and a lack of information and advice.
Cybercrime: Mostly about the money
International news is frequently dominated by state-sponsored hackers who engage in espionage and steal information belonging to other countries. Additionally, Soliman of the MEI told DW that politically driven cyberattacks in the Middle East typically follow the path of long-standing regional conflicts.
As a result, he said, they have turned into a preferred weapon in proxy wars and situations in which nations wish to avoid direct military confrontation.
“Iranian cyber groups, for example, have been involved in politically motivated cyberattacks such as aggressive espionage operations against a diverse array of public and private sector victims in the Gulf states.”
But although Turkey, Iran, and Israel all have offensive cyber capabilities linked to their own armed forces, the wealthy Gulf governments usually don’t, or at least don’t discuss them too much. They still primarily rely on their ties to the US and Israel for this. Analysts believe that this requirement is actually what motivates negotiations between Israel and the Gulf states.
However, according to the US business Verizon’s 2024 Data Breach Investigations Report, the great majority of cyberattacks worldwide still have financial motivations. The Middle East likewise fits this description. Verizon reports that 94% of cyberattacks in the Middle East, Europe, and North Africa have financial motivations, with only 6% appearing to have political ones.
Blackmailing the world’s wealthiest
Ransomware, a sort of malicious software or malware that encrypts or locks data until a ransom is paid, is one of the most often used techniques for financially extorting enterprises.
Additionally, Hakmeh notes that ransomware-as-a-service is becoming more widely accessible. She notes that this is ransomware that is easier for would-be hackers to use because it can be purchased “off the shelf” on the dark web.
Several of the richest companies in the world are based in Saudi Arabia and the United Arab Emirates. This covers their oil and gas corporations as well as their sovereign wealth funds. The companies with the most revenue are the ones that are most likely to be targeted by ransomware, according to a survey published by the British cybersecurity firm Sophos.
In 2024, Sophos conducted a poll with 5,000 professionals in the sector, primarily in Europe, and discovered that ransomware attacks were directed towards less than half of the firms with annual revenues under $10 million. However, when they earned more than $5 billion annually, that increased to 67%.
Richer businesses were also more likely to fully pay the ransom, according to an anonymous Sophos survey. A little over half of the ransomware-targeted businesses made payments. However, companies with annual revenue of more than $5 billion typically paid the full amount requested, while smaller companies were able to work out a cheaper deal.
Further study indicates that the number of UAE businesses that choose to settle their debts may possibly be greater; according to a survey conducted by a cybersecurity company, 84% of them said they would pay their blackmailers.
Cybercrime occurs worldwide, according to Hakmeh. However, “a combination of high value targets, a rapid increase in digitalization and not enough cybersecurity measures, plus the increased sophistication of the threat actors,” she said, can explain why the Gulf states are at the top of the list of costly events.
Also read: Strengthening the prospects of data center industry with quality air solutions
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.