The number of successful cyberattacks in the Middle East tripled in Q1 2024 compared to the same period the previous year, according to a report released on Wednesday.

A study by Positive Technologies, a leading cybersecurity firm, revealed that by Q2 2024, data breaches were the most common outcome of cyberattacks in the region, occurring in nearly every second successful attack. The report highlighted a significant rise in hacktivist attacks amid escalating geopolitical tensions, with the Middle East frequently targeted by Advanced Persistent Threat (APT) groups.

Irina Zinovkina, head of information security analytics research at Positive Technologies, noted, “The increase in hacktivist attacks in the Middle East reflects a shift in conflict strategies, where cyberattacks are now a standard component. Our projections indicate that rising tensions could lead to more Distributed Denial of Service (DDoS) attacks on media and government entities. Furthermore, if groups collaborate, they could launch large-scale attacks with more destructive capabilities.”

APT groups in the region conducted prolonged and complex cyberattacks aimed at data theft, information gathering, or operational disruption. Nearly all cybercriminal groups studied targeted government institutions at least once, with 69% focusing on the energy sector, signaling an intent to disrupt critical infrastructure. The public sector was the most targeted, accounting for 24% of all cyberattacks on organizations, due to the vast amounts of confidential data it handles.

The manufacturing sector ranked second (17%) and faced cyberthreats involving wipers, which erase data on compromised Industrial Control Systems (ICS) devices, causing significant disruptions. In attacks on Israeli companies, the BiBi wiper was used, rendering targeted systems' data inaccessible. Malware remained the most prevalent tool in cyberattacks.

Social engineering tactics were also widely used (54%), often leveraging AI technologies. With the advancement of generative AI, malicious content surged, and email phishing attacks increased by 222% in H2 2023 compared to H2 2022.

Data breaches were the primary consequence of successful cyberattacks in the Middle East, rising from 35% in Q3 2023 to 49% by H2 2024. The average damage from cyberattacks in the region is nearly double the global average. Experts recommend adopting result-driven cybersecurity to build a comprehensive automated defense system against non-tolerable events.

Zinovkina emphasized that companies and government institutions in the UAE face diverse challenges requiring comprehensive security measures and rapid response. “The government recognizes the importance of protecting critical infrastructure and data amidst growing cyberthreats and is implementing legislative initiatives to bolster cybersecurity. For instance, the UAE increased investments in cybersecurity as part of a new budget plan,” she said. Local companies are also investing heavily in advanced technologies like AI and machine learning to enhance cybersecurity.

Zinovkina concluded, “Combating attacks requires a special approach based on result-driven cybersecurity. If successfully implemented, this approach ensures that even if attackers penetrate the network, they cannot cause non-tolerable damage. The primary goal is to eliminate the possibility of non-tolerable events, which prevent an organization from achieving its operational or strategic goals or lead to significant disruption due to a cyberattack.”