The United Arab Emirates (UAE) is a federation of seven emirates, located on the eastern coast of the Arabian Peninsula. The official language of the UAE is Arabic, and about the three-fifths of the population is Muslim. The federations economy is mostly driven by the petroleum, having one of the largest concentrations of the world’s oil reserves.
In order to fight against the criminals and the criminal groups in cyberspace the government of UAE started to develop a strategy, which is the “National Cybersecurity strategy 2019”. This strategy has five pillars:
- Implementing a legal framework that will cover all types of cybercrimes
- Enabling a vibrant cybersecurity ecosystem
- Creating a National ’Cyber Incident Response Plan’
- Protecting critical assets in the sectors of energy, ICT, government, electricity and water, finance and all
- Building local and global partnerships within the ecosystem to jointly pursue our mutual aims and dreams in cybersecurity.
Mohammed Hamad Al Kuwaiti, Head of Cyber Security for the Government of the UAE said that there are nearly 50,000 attacks in cyberspace per day against the strategic sectors of the UAE. The most targeted sectors in the UAE are the banking, health, oil, and financial sectors.
source: statista.com
As you can see on the diagram above, the most attacked sectors in the UAE are also in the list of most targeted global industry sectors. The big part of these attacks were ransomware attacks and data breaches. Cybereason, reported in 2021 that companies in the United Arab Emirates had to pay more than $1.4 million in the past two years after cyberattacks to get their systems back. The report said that 42% of the companies had to stop their operations due to the ransomware attack.
As we can see, the UAE has a cyber defence strategy, they are constantly working to improve their capabilities, but even with the huge resources available, it is still not 100% efficient to defeat cyber criminals. Coming back to the question of why there are so many attacks on UAE, it cannot be explained by one factor, as there are several components that could be responsible for the high number of attacks. First of all, as a state with a good economy and large capital, it has many enemies and rivals from either neighbouring countries or further afield. Besides this, there is also the inadequate security awareness of the population, which is exploited by the attackers.
The UAE plans to become the data and technology hub for the Middle East by 2031. As defined in the cyber strategy, one of the very important pillars is educating society to master new technology and to manage it effectively and safely. Dr Al Kuwaiti says: “A lack of resources and the lack of awareness in people are the main reasons why attacks happen,” he said. “People are coming to the digital transformation quickly without doing it safely.”
Another pillar of the cyber strategy is cooperation, thanks to which the UAE and Israel have a good relationship and help each other and fight cyber criminals together. Working with Israel, they have managed to stop attacks by Iran and the Hezbollah organisation.
To summarise, the UAE needs to develop its capabilities, educate society and work with other states to reduce the number of attacks and the cost of the damage caused by attacks. I believe that with the right strategy and the right number of resources, they will be able to achieve their goal of becoming the dominant state in the region in cyberspace by 2030.
Sources:
- https://www.britannica.com/place/United-Arab-Emirates
- https://www.jpost.com/israel-news/article-747851
- https://www.theweek.in/theweek/specials/2023/07/08/uae-government-head-of-cyber-security-dr-mohamed-al-kuwaiti-interview.html
- https://www.statista.com/statistics/221293/cyber-crime-target-industries/
- https://u.ae/en/about-the-uae/strategies-initiatives-and-awards/strategies-plans-and-visions/strategies-plans-and-visions-untill-2021/national-cybersecurity-strategy-2019
Author: Loránd Székely