UAE’s federal entities witness 11% jump in cyber attack attempts in March

More than 34,930 hacking attempts were stopped last month, said TRA

The cost of identifying and stopping a data breach runs into many millions. EPA
Powered by automated translation

The UAE's telecoms regulator recorded an 11 per cent monthly rise in cyber attack attempts against the country’s federal government entities in March.

More than 34,930 attempts were stopped last month, an increase of 3,449 on February's numbers, the Telecommunications Regulatory Authority said on Tuesday.

Fifty-nine per cent of the cases were related to malware, 34 per cent were attempts to exploit systems and more than 6 per cent were phishing attempts.

“Malware attacks included software created for the purpose of destroying, influencing or illegally obtaining systems and programmes,” the TRA said.

Phishing attacks are "a process in which the criminal impersonates reliable companies or entities to trick the users into submitting their private data such as the password and bank information, through fake messages or websites", the regulator said.

The TRA worked on 189 cyber attack cases last month, 29 more than reported in February.

“Out of these, 73 were severe while 105 were of medium intensity,” the regulator said. It said 44 system vulnerabilities were detected in March through penetration testing, vulnerability assessment and proactive bug hunting.

The UAE’s growing digital footprint continues to be an attractive target for cyber attacks.

The average cost of data breaches in the UAE and Saudi Arabia – the Arab world’s two largest economies – was $5.9 million (Dh21.65m) in 2019, a 12.4 per cent year-on-year increase, according to a report by IBM Security. This is second only to the US, which has the highest total average cost per data breach of $8.19m.

The TRA rolled out its first National Cybersecurity Strategy in June last year.

The regulator has identified nine different sectors, including energy, telecoms, transportation, health and utilities, regarded as “critical” parts of its infrastructure and is developing dedicated programmes to ensure they are protected.