UAE faces rising malware threats as email attacks surge 293% globally

Biannual report by Acronis reveals global malware data and trends

Top Stories

UAE announces 2-month grace period for residence visa violators

UAE announces fee refund for tax service charges from August 1

Paid parking in Dubai: Residents face up to Dh4,000 extra yearly costs when new rates kick in

Published: Mon 26 Aug 2024, 6:07 PM

Last updated: Tue 27 Aug 2024, 10:19 AM

The UAE witnessed a notable increase in malware detections with an 11.7 per cent increase from January to May 2024, recent research shows.

According to data from Acronis, a cybersecurity and data protection firm, email attacks have seen a 293 per cent surge when compared to the same period in 2023 across the globe.

The report — by Acronis’s threat research unit, titled “Acronis Cyberthreats Report H1 2024: Email attacks surge 293 per cent, new ransomware groups emerge” — leverages over one million unique Windows endpoints from 15 key countries around the world to bring awareness to global trends in the cybersecurity industry.

According to the report, UAE’s monthly percentages of global detections remained relatively lower compared to high-risk countries like Germany, France, and Egypt, highlighting a growing but still manageable cyber threat landscape.

The UAE had varying monthly percentages of global detections ranging from 0.8 per cent to 1.9 per cent throughout the first half of 2024. In comparison, Germany’s percentages ranged from 6.4 per cent to 9.9 per cent, France’s ranged from 3.6 per cent to 5.5 per cent, and the United Kingdom’s ranged from 4.3 per cent to 6.1 per cent. The UAE experienced a significant rise in the percentage of clients with malware detections. 17.6 per cent of clients with malware detections in January 2024, 18.8 per cent in February, 29.1 per cent in March, 29.3 per cent in April and May. The sharp increase in malware detections among UAE clients, reflects a concerning trend of escalating cyber threats, emphasizing the urgent need for enhanced cybersecurity measures.

While the region is facing considerable cybersecurity challenges, these are part of a broader trend affecting many Europe, Middle East and Africa countries, particularly in terms of rising malware detections and high-profile ransomware attacks. Compared to other EMEA countries, the situation in the Middle East and North Africa (Mena) mirrors broader regional challenges. Bahrain had the highest malware detection rate at 63.2 per cent in April 2024, followed by Egypt with 42.6 per cent of organizations experiencing detections in the same month.

“The insights from Acronis’ H1 2024 Cyberthreats Report highlight the urgent need for heightened vigilance and advanced protective measures,” remarked Ziad Nasr, General Manager for the Middle East at Acronis. “The UAE has been identified as a ‘prime target’ for ransomware attacks, as cautioned by the country’s Cyber Security Council. In 2023, the average cost of a data breach in the Middle East exceeded $8 million.”

“Managed service providers (MSPs) are particularly vulnerable, facing persistent threats such as phishing, social engineering, and supply chain attacks,” Nasr said. “Acronis encourages MSPs to adopt comprehensive security strategies, incorporating security awareness training, and leveraging advanced endpoint protection solutions like XDR and multi-factor authentication. Our report aims to empower organizations and enhance global cybersecurity resilience.”

Ziad Nasr, GM for Middle East, Acronis

Ransomware continues to be a major threat to small and medium-sized businesses (SMBs), particularly in critical industries such as government and healthcare. In Q1 2024, Acronis observed 10 new ransomware groups who together claimed 84 cyberattacks globally. Among the top 10 most active ransomware families detected during this time, three highly active groups stand out as the primary contributors, collectively responsible for 35 per cent of the attacks: LockBit, Black Basta, and PLAY. The number of ransomware detections were also on the rise, increasing 32 per cent from Q4 2023 to Q1 2024.

The report notes how MSPs are being targeted and compromised. Attack vectors including phishing and social engineering, vulnerability exploits, credential compromises, and supply chain attacks were highlighted as the most successful techniques used to breach MSPs’ cybersecurity defenses.

“As a result of the increasing volume and complexities of cyber threats we continue to uncover in the current cybersecurity landscape, it is of the utmost importance that MSPs take a holistic approach to securing their customer’s data, systems, and unique digital infrastructures,” said Irina Artioli, report author and Cyber Protection Evangelist at Acronis Threat Research Unit. “To do this effectively, we recommend MSPs adopt a comprehensive security strategy, including mandating security awareness trainings and incident response planning, as well as deploying advanced endpoint protection solutions like extended detection and response (XDR), multi-factor authentication, and more.”

Additionally, the report focuses on emerging cybersecurity trends, highlighting the increasing use of generative artificial intelligence (AI) and large language models (LLMs) by threat groups. Specifically, it underscores the growing prevalence of AI being leveraged in social engineering and automation attacks. The most common AI-generated attacks that were detected include malicious emails, deepfake business email compromise (BEC), deepfake extortions, KYC bypass, and script and malware generation. Furthermore, Acronis researchers have identified two types of AI threats. The first involves AI-generated threats, in which malware is created using AI techniques but does not utilize AI in its operations. The second is AI-enabled malware, which incorporates AI into its functionality.

ALSO READ: