Cybersecurity firm Positive Technologies has revealed an increase in cyberattacks targeting the Middle East, with the number of successful attacks tripling in Q1 2024 compared to the same period last year.
The findings announced during GITEX 2024, highlight the growing cybersecurity challenges facing the region amid escalating geopolitical tensions.
The study shows that cyberattacks in the Middle East doubled in Q4 2023 and tripled in Q1 2024 compared to the previous year. By Q2 2024, every second successful attack resulted in a data breach.
Nearly all studied Advanced Persistent Threat (APT) groups targeted the government sector, with 69 per cent of them focusing on energy companies.
Irina Zinovkina, Head of Information Security Analytics Research at Positive Technologies, said: “The surge in hacktivist attacks in the Middle East indicates a shift in modern conflict strategies, with cyberattacks becoming an inherent component. Our forecasts suggest that rising tensions in the region can lead to more DDoS attacks on media and government institutions. Additionally, if groups form alliances, they could execute large-scale cyberattacks with greater destructive potential.”
The public sector emerged as the most targeted industry, accounting for 24 per cent of all cyberattacks on organisations. The manufacturing sector follows closely, making up 17 per cent of attacks and facing threats from wipers, malware that erases data on compromised ICS devices.
Malware remains the most popular tool for attacking organisations in the region. However, cybercriminals are increasingly employing social engineering tactics, used in 54 per cent of attacks, with AI technologies being leveraged to enhance these efforts.
The study revealed a staggering 222 per cent increase in email phishing attacks in H2 2023 compared to H2 2022.
The consequences of the attacks led to data breaches being the primary outcome. The proportion of attacks resulting in data breaches rose from 35 per cent in Q3 2023 to 49 per cent in H2 2024.
Moreover, the average damage from cyberattacks on organisations in the Middle East is almost double the global average, underscoring the severe economic implications of these security breaches.
In response to these growing threats, Positive Technologies recommends adopting a result-driven cybersecurity approach to build cyber resilience.
This approach involves implementing a range of advanced security measures, including SIEM systems for continuous monitoring, specialised solutions for industrial control systems, EDR systems for endpoint protection, advanced sandboxes for detecting complex malware, NTA products for proactive threat hunting, and VM systems for automated IT asset management.
Additionally, the firm advises organisations to conduct continuous security assessments, including bug bounty programmes and employee training initiatives.
Follow us on
