UAE issues warning as Iran deploys AI for cyber attacks

Abu Dhabi: The Abu Dhabi Emergency, Crisis and Disaster Management Centre has issued a warning, through its recently released Cybersecurity Awareness Guide During Crises, highlighting six cyber threats it describes as the most prevalent during emergencies. Meanwhile, Dr. Mohammed Hamad Al Kuwaiti, Chairman of the UAE Government Cybersecurity Council, revealed that Iran has recently utilised artificial intelligence tools, including “ChatGPT” and others, to engineer cyberattacks targeting the UAE.

Rising AI-driven threats

Developed in collaboration with the Department of Government Enablement, the guide—published in both Arabic and English as part of the second phase of the “Our Community is Ready” campaign—outlines six major cyber threats that tend to surge during crises.

These include phishing and online fraud, account breaches, malware, identity theft and the creation of fake social media accounts, as well as AI-enabled fraud and deepfakes. Such tactics involve voice cloning, or generating fabricated images and videos that appear to originate from trusted entities or individuals, with the aim of deception or financial fraud. Data leaks through untrusted websites also remain a significant concern.

The guide aims to raise public awareness of cyber risks and promote safe digital practices, enabling individuals to protect their personal data and online accounts when using various digital services—particularly during emergencies and exceptional circumstances.

Preventive guidelines

It provides key preventive measures to mitigate cyber risks, enhance community awareness, protect individuals and institutions, and ensure business continuity.

The guide notes that cyberattacks tend to escalate during crises due to several factors, including the exploitation of fear and confusion, which makes individuals more susceptible to deception; rushed digital decision-making without proper verification; the spread of misinformation and unverified news; and increased reliance on unofficial channels for information or services.

Indicators of fraud attempts

The guide identifies several warning signs of potential fraud attempts, including urgent requests for personal information or verification codes, suspicious or unknown links, unexpected requests for money transfers, messages claiming improbable prizes or unrealistic offers, login alerts from unfamiliar devices, and unsolicited voice or video messages requesting sensitive information. It also warns against messages written in an unusual style or those that appear excessively formal, as well as impersonation of official or trusted entities.

Individuals are advised to avoid common mistakes such as clicking on unknown links, reusing passwords across multiple platforms, downloading applications from unofficial sources, uploading files or entering data on untrusted websites, sharing one-time passwords (OTP), responding hastily to suspicious messages, and resharing unverified content.

Essential crisis-time protocols

The Centre urges the public to adhere to critical guidelines during crises, including relying solely on official sources, refraining from sharing unverified information, exercising caution messages exploiting exceptional circumstances, verifying the authenticity of audio and video content before resharing, avoiding panic-driven responses, and following official cybersecurity instructions. It also cautions against using educational email accounts on public platforms, particularly gaming applications, to prevent account breaches or misuse.

The Centre emphasised that fear-inducing messages, urgent requests for information, unusual communication styles, and impersonation of official entities are common tactics used by fraudsters to pressure individuals into making rushed digital decisions.

AI-powered cyberattacks attributed to Iran

Dr. Mohammed Al Kuwaiti confirmed that artificial intelligence has become an integral component of modern cyberattack toolkits—not merely a supplementary aid. He noted that hostile actors, including Iran, are using AI for reconnaissance, data gathering, vulnerability detection, enhancing phishing messages, developing malware, and producing misleading or fabricated content to support information warfare.

He highlighted that recent attacks demonstrate a qualitative shift in cyberattack methods, with AI enabling faster, more convincing, cost-effective, and widely scalable operations.

Advanced National Cyber Defense System

On national efforts to counter such threats, Al Kuwaiti explained that the UAE Cybersecurity Council operates within an advanced and integrated national framework focused on continuous monitoring, analysis, response, and readiness enhancement.

Key initiatives include adopting a zero-trust model, activating the National Cybersecurity Operations Center (NSOC), deploying smart monitoring systems, leveraging advanced intelligence analysis, monitoring disinformation, conducting national cyber crisis simulation exercises, and sharing real-time security alerts with relevant entities to ensure rapid response and preparedness.

He stressed that the UAE adopts a proactive approach: “The country does not wait for threats to act; it maintains continuous readiness to safeguard national infrastructure and services.”

Human element: The first line of defense

Al Kuwaiti underscored that individuals represent the first line of defense in the current landscape. Key recommendations include:

• Avoid clicking on unknown links

• Never share passwords or verification codes

• Enable multi-factor authentication wherever possible

• Use strong, unique passwords

• Update default settings on devices such as surveillance cameras

• Follow updates exclusively from official authorities

• Rely on trusted sources of information

• Avoid spreading rumors or unverified content

• Refrain from sharing sensitive or potentially alarming visuals

He also emphasized the importance of regularly updating systems and applications, avoiding unsecured public Wi-Fi networks, backing up critical data, and immediately reporting suspicious messages, apps, or calls. He warned against believing or sharing unverified videos, images, or recordings.

“The most important message,” he said, “is that in times of tension, your awareness must be faster than phishing, calmer than rumors, and more accurate than fabricated content.”

Up to 700,000 cyberattacks daily

Addressing the scale of cyber threats, Al Kuwaiti revealed that the UAE is currently facing between 500,000 and 700,000 cyberattacks daily, particularly targeting strategic sectors during high-pressure periods. He noted that most of these threats are attributed to state-backed actors.

Compared to the period before February 28, indicators show a clear increase in both the volume and sophistication of attacks following regional escalation, with greater reliance on AI and deepfake technologies.

He concluded that while the intensity of attacks is expected to rise, the UAE’s national cybersecurity system is proactively detecting and containing threats while ensuring continuity of essential services.

“What we face today is not merely traditional cyberattacks,” he said, “but more complex threats powered by artificial intelligence, social engineering, and fabricated content. However, the UAE possesses a highly advanced, vigilant, and proactive system. The key message to the public: trust official sources, deny fraudsters any opportunity, and do not give rumors room to spread.”