In a major cybersecurity operation, the UAE government successfully prevented attacks on 634 government and private entities, preventing what could have been a large-scale UAE cyberattack or data leak affecting critical sectors.
Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, confirmed that a hacker known as “rose87168” has claimed responsibility for the breach. The attacker alleges to have compromised Oracle Cloud’s SSO and LDAP systems, potentially exposing approximately six million customer records worldwide—including sensitive password data. If verified, this would rank among the most severe cybersecurity breaches in recent history.
Beyond national borders, estimates suggest that around 140,000 entities worldwide may have been impacted, including 634 in the UAE—30 of which are government agencies, along with key private sector organizations.
To explore the broader implications, The Cyber Express team spoke with industry experts to analyze what this large-scale cyberattack signifies for the future of cybersecurity in the UAE.
Why the UAE Remains a Prime Target of Cybercriminals
The latest cyberattack on the UAE was far from a mere digital nuisance—it was a full-scale attack, emphasizing the growing nature of cyber threats. No longer limited to website damages or temporary disruptions, these attacks now pose a direct risk to national security, economic stability, and public trust. In response, the UAE Cybersecurity Council swiftly activated emergency defense measures in coordination with relevant authorities.
However, cybersecurity experts warn that this incident is just a glimpse of a larger, ongoing battle. Carmen Marsh, President & CEO at United Cybersecurity Alliance, emphasized the persistent nature of cyber threats.
“This is not the first time the UAE has faced a massive cyberattack. Its strategic position and rapid digital transformation make it an attractive target for cybercriminals. This reality underscores the need for organizations within the region to understand that cyber threats are not isolated incidents but ongoing risks requiring constant vigilance and proactive strategies,” she asserts.
Echoing this concern, Eng. Dina AlSalamen, Cybersecurity Director of Cyber and Information Security, pointed to the UAE’s technological advancements as a double-edged sword.
“As the UAE continues to advance technologically, especially in areas such as smart cities, IoT, and digital governance, it is becoming a more attractive target for cybercriminals. The attempted breach of 634 entities underscores a broader trend where adversaries are increasingly adopting multi-pronged and coordinated attack strategies,” she explains.
These evolving threats aren’t limited to one sector. Experts highlight how cybercriminals are deploying advanced persistent threats (APTs), ransomware, and data exfiltration tactics to infiltrate critical infrastructure and steal sensitive information. “This incident serves as a reminder that the UAE’s strategic economic sectors must be ever-vigilant as they evolve and integrate new technologies,” AlSalamen adds.
Media organizations are among the most frequently targeted entities. Anoop Paudval, Head of Information Security and GRC at Gulf News, revealed the alarming frequency of attacks. “Media organizations in the UAE face an average of 20,000 attacks per day. The UAE Cybersecurity Council recently reported that cyberattacks targeting strategic sectors in the country have surpassed 200,000 daily. Cross-border, nation-sponsored cyberattacks—often orchestrated by cyberterrorist groups—are on the rise, leveraging sophisticated AI-driven attack mechanisms,” he states.
AI-Driven Cybersecurity: The UAE’s Strategic Defense Against Emerging Threats
As the UAE sets its position as a global technology hub, cyber threats continue to increase in difficulty and scale. With cybercriminals refining their tactics, experts emphasize the need for proactive defense strategies, AI-driven threat detection, and cross-sector collaboration to counter evolving cyber risks. The UAE Cybersecurity Council has urged organizations nationwide to strengthen their security postures, enhance cyber readiness, and report any suspicious activity immediately.
“The continuous awareness by UAE CSC coordinated Private-Public collaborations, all of the attacks been tracked, identified, and their attack sites pinpointed with precision and effectively countered using the latest global methods in this field,” said Paudval.
He further informed that the Council has revealed that cyberterrorist attacks primarily targeted the government sector (30%), followed by financial and banking (7%), education (7%), and technology, aviation, and healthcare sectors (4% each), with 44% impacting other critical sectors. These attacks focused on data exfiltration and operations sabotage by locking digital systems for ransom.
Marsh highlighted the UAE’s rapid response capabilities, stating, “Thanks to the UAE Cyber Security Council’s robust cybersecurity framework, emergency protocols were promptly activated to safeguard the nation’s cyberspace, averting a potential cyber disaster.” With the UAE’s ambition to become a global leader in AI development, she emphasized that AI will play a pivotal role in strengthening its cybersecurity capabilities, particularly against AI-driven cyberattacks.
While AI poses risks in the hands of malicious actors, it also serves as a formidable tool in cybersecurity defense. By leveraging AI, organizations can automate threat detection, analyze vast datasets in real time, and enhance incident response. “A Zero Trust model, coupled with AI-driven threat detection, can significantly reduce unauthorized access and limit the lateral movement of attackers,”
Marsh explained. As cyber threats evolve, the UAE’s commitment to integrating AI with its cybersecurity infrastructure will be crucial in fortifying national defenses and ensuring digital resilience.
Lessons from UAE Cyberattack: Cybersecurity Strategies to Adopt
While the UAE Cybersecurity Council plays an important role in national cyber defense, organizations must take ownership of their security strategies to keep pace with evolving threats. “The message is clear: adopting global best practices is no longer optional—it is a necessity,” stresses Paudval.
Experts highlight several key measures that businesses and government entities should implement to enhance cybersecurity resilience.
Zero Trust Architecture is a critical strategy that assumes every access request is a potential threat, requiring strict authentication and continuous monitoring. “Adopting a Zero Trust model, which ensures that no entity (inside or outside the network) is trusted by default, helps mitigate the risk of lateral movement in case an attacker breaches initial defenses,” explains Eng. Dina AlSalamen.
Strengthening access controls through Multi-Factor Authentication (MFA), keeping systems updated with proactive patching, and leveraging AI-driven threat detection are also vital steps. “Incorporating AI into cybersecurity ecosystems can bolster defenses against evolving threats, including those driven by AI and quantum computing advancements,” adds Marsh.
However, technology alone is not enough—organizations must prioritize cyber awareness training to reduce human error, a leading cause of cyber incidents. “Since human error remains one of the primary entry points for cyberattacks, continuous training on phishing prevention and safe online practices is vital,” emphasizes AlSalamen.
Additionally, securing sensitive data through encryption and regular backups ensures quick recovery from ransomware attacks.
What Future Holds
The successful containment of this UAE cyberattack emphasizes the UAE’s strong commitment to cybersecurity, but experts warn that the threat landscape will only continue to evolve. “Massive cyberattacks like this serve as critical learning opportunities,” notes Marsh. “Organizations must prioritize Zero Trust frameworks and allocate substantial resources to AI-driven cybersecurity programs. Proactive investment in these measures is essential to staying ahead of ever-evolving cyber threats.”
This incident highlights the growing complexity of modern cyberattacks and the need for a multi-layered, proactive defense strategy across all sectors. As cybercriminals refine their tactics, businesses and government entities must strengthen their security posture through continuous threat intelligence sharing, advanced detection systems, and rigorous security training.
While the UAE has demonstrated its resilience, this attack serves as a reminder that cybersecurity is an ongoing battle. The question is no longer if another attack will occur, but when—and whether organizations will be prepared to withstand it.
