SOCRadar’s Threat Landscape Report provides a broad perspective on cyber incidents across various countries. Our new report covers cyber-hazard trends for the UAE. Read the report to build a proactive understanding of corporate cybersecurity and to inform visionary investment decisions.
Notorious APT groups and financially motivated ransomware gangs have targeted advanced UAE infrastructures. This OSINT and HUMINT-powered report from SOCRadar analysts covers chatter on the deep and dark web, social media trends, exploited vulnerabilities, and more.
Most Targeted Sector: UAE Government Organizations
According to SOCRadar DarkMirror intelligence data, threat actors mainly targeted the government sector in the United Arab Emirates. When our analysts analyzed dark web activity worldwide, the UAE emerged as the second most targeted country. Remarkably, 57 different threat actors shared around 200 posts about the country in 2021.
Government organizations rank first among the targeted verticals, followed by construction, IT, accommodation & food services, and banking & finance.
Major Data Leaks Followed Ransomware Attacks
In dark web forums monitored by SOCRadar, sensitive data allegedly belonging to many government and private sector victims has been put up for sale. Our analysts attribute this to the increasing number of ransomware attacks.
In 2021, ransomware made headlines in the United Arab Emirates as well as all over the world. Firms operating in the manufacturing and construction sectors announced that they were victims of these attacks. The LockBit and Conti gangs were far ahead of the others in activity.
Let’s Get to Know the Ransomware Gangs Most Targeting the UAE
LockBit, a ransomware-as-a-service (RaaS) operator, has the best locker on the black market in terms of functionality and encryption speed. One of its most recent victims was General Trading LLC, which sells hardware to countries like China, India, and Taiwan.
It has attacked many organizations in the United Arab Emirates and leaked sensitive data allegedly belonging to the victims. Chat logs and source code belonging to Conti were leaked by a former gang member last month.
The group, which carried out its first attack in 2019, maintains a very active profile in the UAE. Its attack methods include rebooting computers into safe mode to bypass protection and brute-forcing RDP ports for initial access.
Other Key Findings by the SOCRadar Team
- China and Iran-backed APT groups targeted large organizations from different sectors in the UAE.
- In 2021, 299 phishing attacks targeting the UAE were detected.
- There are around 430K bots for sale in the UAE.
- DDoS attacks have badly affected critical emergency services.