71.4% of cyber threats targeting the UAE are caused by state-backed actors

The Chairman of the UAE Government Cybersecurity Council, Dr. Mohammed Al Kuwaiti, confirmed that the country has an advanced and integrated national cybersecurity system capable of monitoring digital threats and dealing with them with high efficiency, pointing out that the digital infrastructure in the country is exposed daily to between 90,000 and more than 200,000 cyberattacks that are prevented proactively without any impact on the continuity of services and data security.
He said that threat actors supported by countries or advanced threat groups accounted for 71.4% of the monitored parties, with 15 groups out of 21 groups, while organized cybercrime constituted 14.3%, and “hacktivist” groups represented the same percentage, which are groups or individuals who use cyberattacks as a tool to express political positions or ideologies.
He added that since the beginning of the current year 2026, the UAE has witnessed the recording of 128 cyber threat incidents targeting various entities in the country, including ransomware attacks, hacking attempts on government agencies, and data leakage and hacking incidents, stressing that all of these incidents were dealt with according to unified national response procedures that ensure rapid containment and risk reduction.
He pointed out that government agencies and the financial and banking services sector were at the forefront of the sectors most vulnerable to targeting, along with other vital sectors, explaining that the nature of the threats varied between defacement of websites, data leakage, unauthorized access attempts, denial of service attacks, as well as organized ransomware attacks.
He stated that intelligence analysis of cyber threats showed that a large percentage of these attacks are behind advanced threat groups supported by states, in addition to digital criminal activities and electronic sabotage groups that are continuously monitored and followed up through national surveillance systems and in coordination with the competent authorities within the country.
Regarding digital rumors and the use of deep fake technologies, Al-Kuwaiti stressed that this type of threat is considered one of the most prominent modern cyber challenges due to its direct impact on public confidence and institutional and international reputation, pointing out that the state continuously monitors attempts to publish misleading or fabricated content, especially those that target the financial, economic and banking sectors or attempt to exploit official names and figures.
Al-Kuwaiti added that there is no official number for deep fake cases linked to the UAE, but fabricated video clips are increasingly being used, including material that shows public figures as if they are promoting fraud or issuing incorrect decisions, with the aim of undermining public confidence, influencing markets, and harming the country’s international reputation.
He explained that geopolitical tensions in the Middle East region contributed to the escalation of anti-state digital discourse, driven by regional conflicts and diplomatic disputes, in addition to the increasing use of artificial intelligence tools, which led to the activation of hacktivist groups across the regional digital space.
He pointed out that tracking 21 active advanced threat groups and 60 hacktivist groups and cybercriminals showed that attacks targeting the digital infrastructure in the country originate mainly from Asia, Europe, and South America, where Asia represents about 66.7% of the sources of state-backed actors, compared to 14.3% from Europe, while the remaining percentage belongs to parties from the Middle East or cross borders.
At the level of coordination and implementation channels, the President of the Cybersecurity Council indicated that 49.2% of the attacks were coordinated via the Telegram application, 40.6% via the open web through global digital forums and markets, while 10.2% were coordinated via dark web networks primarily linked to ransomware attack systems.
He explained that the competent authorities in the UAE are working to confront these threats through an integrated technical and legislative system that includes early monitoring, advanced content analysis, and community awareness, in addition to developing regulatory frameworks for the uses of artificial intelligence to ensure reducing the misuse of these technologies.
He said that the recently adopted National Cybersecurity Strategy 2025-2031 represents a comprehensive roadmap to enhance cybersecurity in the country, pointing to the implementation of a national initiative for artificial intelligence security that aims to establish a center of excellence that ensures the safe and ethical use of smart technologies, in addition to developing a national program to accredit cybersecurity service providers within the country.
He added that the UAE has a central national cyber operations room that constitutes an essential hub in the monitoring and response system, as it allows the immediate exchange of cyber intelligence information between various sectoral operations centers and supports making quick, data-based decisions in cases of cyber emergencies.

Regarding the types of cyber attacks, he pointed out that defacement of websites constituted 38.3% of the total attacks, followed by data leakage at 25.8%, then data breach at 13.3%, and initial unauthorized access at 10.2%, while ransom attacks amounted to 7.8%, and denial of service attacks amounted to 4.7%.
Regarding the most targeted sectors, Al-Kuwaiti explained that government agencies came in the lead with a percentage of 9.4%, followed by financial and banking services with a percentage of 9.3%, then the real estate sector with a percentage of 5.5%, construction and engineering with a percentage of 4.7%, professional services with a percentage of 3.9%, transportation and logistics services with a percentage of 3.9%, hospitality and tourism with a percentage of 3.1%, education with a percentage of 3.1%, marketing and advertising with a percentage of 3.1%, luxury goods and jewelry with a percentage of 2.3%, and architecture and planning with a percentage. 2.3% and management consulting 2.3%.
Al-Kuwaiti stressed that the state continues to invest in building and qualifying national competencies in the field of cybersecurity through specialized programs, leadership academies, and competitive training initiatives, in addition to supporting innovation and entrepreneurship in this vital sector, which contributes to enhancing digital sustainability and national security.
Regarding international cooperation, Al-Kuwaiti stressed that the UAE is pursuing an effective policy in strengthening regional and international partnerships in the field of cybersecurity through multilateral channels and bilateral agreements to exchange threat information, coordinate in responding to incidents, and build digital resilience, stressing that this approach reflects the country’s commitment to protecting its national cyberspace with responsible openness to international cooperation to confront cross-border threats, within an integrated approach that balances national sovereignty and effective international cooperation.