Why UAE, GCC businesses must think like hackers to stay safe

Dubai: As governments and enterprises across the Middle East accelerate their digital transformation journeys, the cyber threat landscape is evolving just as rapidly. The region’s ambition to build smart economies, powered by artificial intelligence, automation and data-driven services, is also creating new attack surfaces for threat actors.

Group-IB’s recent Intelligence Insights: Cyber Threat Landscape in MENA and Pakistan report reveals the growing sophistication of cybercriminals and the scale of their operations.

Between January and July 2025 alone, over 42 million accounts were compromised globally, while more than 224,000 bank cards were exposed—a 122 percent surge in fraud activity.  These figures illustrate how cyber intrusions and financial fraud are no longer separate threat categories but part of the same attack chain.

Unlike traditional vendors that treat cyberattacks and fraud in isolation, Group-IB uniquely fuses both domains. Its integrated cyber and fraud intelligence provides end-to-end visibility—from the initial compromise to monetization—allowing organizations to detect and disrupt threats earlier.

For businesses, these figures are more than statistics; they reflect strategic risks that can undermine national security, financial stability and consumer trust.

Cybersecurity is no longer the exclusive domain of IT or security teams. In today’s interconnected economy, every business function, from operations to finance, plays a role in defending digital assets. The most resilient organizations are those that think like hackers: anticipating threats, testing defenses and viewing vulnerabilities as opportunities for improvement rather than weaknesses to hide.

Phishing continues to dominate the threat landscape. The report shows that the financial services, internet services and logistics industries are the top three targets, representing 54 percent, 31 percent, and 9 percent of phishing websites respectively. These industries form the backbone of regional economies and are crucial to achieving national visions such as the UAE Centennial 2071 and Saudi Vision 2030.

Protecting them from cyber disruption requires more than resilience — it demands proactive investigation, intelligence sharing, and coordinated efforts to disrupt cybercriminal infrastructure. Only by identifying threat actors early and dismantling their access, tooling, and monetization channels can governments and businesses ensure long-term digital confidence.

Ransomware remains one of the most damaging forms of cyberattacks, both financially and operationally. Group-IB recorded 124 ransomware incidents in the first seven months of 2025, primarily affecting financial services, education, government and healthcare. Beyond the direct monetary loss, ransomware incidents erode public trust in essential services.

For nations focused on digital leadership, such disruptions highlight the need not only for stronger incident response strategies but for the operationalization of threat intelligence.  Cyber resilience today is not achieved through prevention alone — it requires real-time visibility, actionable insights, and the ability to respond decisively.

This is why many leading organizations are adopting incident response retainers to ensure immediate support when breaches occur. Building resilience across sectors is now directly linked to business continuity, economic competitiveness, and investor confidence.

Group-IB’s research also sheds light on the role of the dark web as an ecosystem for cybercrime. More than 90 percent of underground activity observed originated in the GCC, with a concentration on government, military and financial targets. The dark web’s influence on regional threat dynamics underscores why intelligence sharing and public-private collaboration are essential.

Cybercrime is no longer isolated; it reflects economic and political shifts. For example, hacktivism has surged in response to geopolitical tensions, with a 46 percent spike recorded in mid-2025. These campaigns increasingly target symbols of authority and economic power, including critical national infrastructure.

As advanced persistent threat (APT) groups such as OilRig, MuddyWater and Dark Blinders continue to evolve their tactics using methods like DNS-based data exfiltration and AI-driven malware, organizations must rethink how they protect themselves. Threat intelligence is emerging as the most effective early warning system, providing businesses with visibility into how attackers operate before they strike.

Ultimately, cybersecurity is a collective responsibility. Every employee, partner and policymaker has a role in safeguarding the digital foundations of our economies. As the Middle East continues its journey toward a technology-driven future, trust will be the most valuable currency, and it starts with security.

By thinking like hackers and acting as defenders, businesses across the Middle East can turn cybersecurity from a compliance burden into a strategic advantage.

- The writer is founder and CEO of Group-IB