80% of cyber attacks in the Middle East result in data leaks

Positive Technologies experts conducted a study of threats to Middle Eastern countries, examining the impact of digitalization, cybercriminal activity, and the shadow market. They found that APT groups are behind every third successful attack in the region, most often attacking government agencies and critical infrastructure. The rapid implementation of new IT solutions increases business efficiency, but at the same time makes it more vulnerable to attacks.

"Cyber ​​threats in the Middle East will continue to scale and become more sophisticated in the foreseeable future. The growing popularity of digitalization initiatives in the region is significantly expanding the digital perimeter, creating new attack vectors and entry points, making attacks more accessible to hackers of varying skill levels."

Alexey Lukash, analyst, Positive Technologies

Cybercriminals actively use social engineering (61% of attacks) and malware (51%), often combining these methods. The main tool in the latter case was remote control software (27% of attacks), which indicates the intruders' intention to remain in the victim's system for a long time.

80% of successful attacks resulted in data leaks, with credentials and trade secrets (29% each) and personal data (20%) most often stolen. The information was typically used for blackmail or sale on the darknet. In 38% of cases, attacks disrupted the work of organizations, especially in healthcare, transport, and government services, where even a short-term failure can have serious consequences.

Well-resourced APT groups accounted for 32% of attacks in 2024. Their primary targets are governments and critical infrastructure, and their motives often extend beyond financial gain to cyber espionage or cyber warfare.

An analysis of the darknet showed that government agencies (34%) and industry (20%) were the most frequently attacked. Hacktivists are particularly active, distributing stolen data for free, which exacerbates the problem. The UAE, Saudi Arabia, Israel and Qatar were mentioned most often in the darknet — the leaders of digitalization, whose data is especially in demand by cybercriminals.