SOCRadar® Cyber Intelligence Inc. | SOCRadar UAE Threat Landscape Report: Runner-up for the Top 10 Targeted Countries


Mar 29, 2022
4 Mins Read

SOCRadar UAE Threat Landscape Report: Runner-up for the Top 10 Targeted Countries

SOCRadar’s Threat Landscape Report provides a broad perspective on cyber incidents across various countries. Our new report is on cyber-hazard trends for the UAE. Read our report for a proactive understanding of corporate cybersecurity and visionary investment decisions.

Notorious APT groups and financially motivated ransomware gangs have targeted advanced UAE infrastructures. This OSINT and HUMINT-powered report from SOCRadar analysts features chatters on the deep & dark web, social media trends, exploited vulnerabilities, etc.

Most Targeted Sector: UAE Government Organizations

Sectors most targeted by threat actors in UAE.
(Sectors most targeted by threat actors in UAE Source: SOCRadar)

According to SOCRadar DarkMirror intelligence data, threat actors mainly targeted the government sector in the United Arab Emirates. When our analysts analyzed dark web activity worldwide, the UAE emerged as the second most targeted country. Remarkably, 57 different threat actors shared around 200 posts about the country in 2021.

Government organizations take the first place among the targeted verticals, followed by construction, IT, accommodation & food services, and banking & finance.

Major Data Leaks Followed Ransomware Attacks

In dark web forums monitored by SOCRadar, sensitive data allegedly belonging to many government and private sector victims has been put up for sale. Our analysts explain this with the increasing number of ransomware attacks.

(Distribution of sectors in the UAE targeted by ransomware gangs. Source: SOCRadar)
(Distribution of sectors in the UAE targeted by ransomware gangs. Source: SOCRadar)

In 2021, ransomware was breaking news in the United Arab Emirates as well as all over the world. Firms operating in the manufacturing and construction sectors announced that they were victims of these attacks. The activities of the LockBit and Conti gangs were far ahead.

Let’s Get to Know Ransomware Gangs Most Targeting UAE


As a ransomware-as-a-service (RaaS) operator, LockBit has the best locker in the black market for its functionality and encryption speed. One of its most recent victims has been General Trading LLC, which sells hardware to countries like China, India, and Taiwan.


It has attacked many organizations in the United Arab Emirates and leaked sensitive data allegedly belonging to the victims. Chat logs and source code belonging to Conti were leaked by a former gang member last month.


The group, which carried out its first attack in 2019, draws a very active profile in the UAE. It bypasses protection by rebooting computers into safe mode and brute-forces RDP ports for initial access as an attack method.

Other Key Findings by the SOCRadar Team

  • China and Iran-backed APT groups targeted large organizations from different sectors in the UAE.
  • In 2021, 299 phishing attacks targeting the UAE were detected.
  • There are around 430K bots for sale in UAE.
  • DDoS attacks have badly affected critical emergency services.

Read the full report for more insights and information.

Discover SOCRadar® Free Edition

With SOCRadar® Free Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets.
Get free access.