71.4% of Cyber Threat Groups Targeting UAE are State-Sponsored, says Cybersecurity Council

The UAE Government Cybersecurity Council said state-backed actors account for the bulk of advanced cyber threats targeting the UAE, with 71.4% of tracked threat groups classified as state-sponsored/APT

Speaking to Emirates News Agency (WAM), Dr. Mohamed Hamad Al Kuwaiti said the UAE faces 90,000 to 200,000 breach attempts daily, which are “proactively thwarted” without impacting service continuity or data security.

Since the start of 2026, the council recorded 128 confirmed incidents affecting entities across the country, including ransomware, government breaches, and data leaks or breach incidents, adding that cases were handled through unified national response protocols for rapid containment and mitigation.

By incident type, website defacement made up 38.3% of cases, followed by data leaks (25.8%), data breaches (13.3%), initial access (10.2%), ransomware (7.8%), and DDoS (4.7%), according to the report. Government administration and financial services/banking were cited among the most targeted sectors.

Al Kuwaiti also warned of rising disinformation risks, including the use of deepfakes to undermine trust and manipulate markets, noting that the UAE monitors misleading content—particularly narratives targeting economic and banking sectors or misusing the names of officials.

On threat coordination channels, the council said nearly half of tracked activity was organized via Telegram, with the remainder split between open-web forums/marketplaces and Tor-based infrastructure.