Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber wargaming. Show all posts
UAE banking security Ransomware attacks
Cyber Security Cyber wargaming Cybersecurity Financial sector threats UAE banking security Ransomware attacks

Middle East Banks Strengthen Cybersecurity Amid Growing Threats

 

Financial institutions across the Middle East participated in the fourth annual Cyber Wargaming exercise in the United Arab Emirates, preparing for simulated cyberattacks amid rising digital threats. Despite these proactive measures, security experts remain concerned about the region’s rapid digital transformation and the shortage of skilled cybersecurity professionals, which continue to pose significant risks to the financial sector.

Jamal Saleh, director general of the UAE Banks Federation, emphasized the importance of cyber wargaming in identifying vulnerabilities and strengthening defenses against evolving cyber threats.

"[T]he rapid adoption and deployment of advanced technologies in the banking and financial sector have increased risks related to transaction security and digital infrastructure," he stated. Saleh also highlighted the sector’s growing awareness of cybersecurity initiatives that enhance security frameworks and protect consumers as cyber threats become more sophisticated.

The financial industry in the UAE is a prime target for cybercriminals, with 21% of all cybersecurity incidents in the region directed at banks and financial services. This makes the sector the second-most targeted after government entities, which account for 35% of attacks, according to a report released on February 25 by the UAE Cyber Security Council and CPX. While ransomware remains a persistent challenge, attackers are shifting strategies, focusing more on phishing, data breaches, and identity theft rather than traditional distributed denial-of-service (DDoS) attacks.

Shilpi Handa, associate research director for the Middle East, Turkey, and Africa at IDC, noted the industry's increased investment in identity and data security.

"[We see] trends such as increased investment in identity and data security, the adoption of integrated security platforms, and a focus on operational technology security in the finance sector," she said. However, she cautioned that despite regulatory improvements, the shortage of cybersecurity talent remains a pressing concern.

The UAE has committed over $2 billion to bolster its cybersecurity and digital transformation initiatives. This investment focuses on strengthening national cyber defenses, enhancing digital infrastructure, and securing critical systems. Cyber Wargaming 2025 played a key role in equipping financial sector professionals with the skills needed to counter emerging cyber risks.

Osama Al-Zoubi, vice president of Phosphorus Cybersecurity, stressed the importance of modernizing security frameworks to combat advanced threats.

"A central part of this plan involves updating outdated security frameworks," he said. "Many banks still rely on systems that were built without considering today’s advanced cyber threats. By directing funds toward those systems, institutions can stay current in an environment where attackers constantly adapt."

Cyber Wargaming 2025, the largest exercise of its kind in the Middle East, attracted central banks and financial institutions from across the Gulf Cooperative Council (GCC). Now in its fourth year, the event continues to play a critical role in shaping the region’s cybersecurity resilience.

Despite increased security measures, ransomware remains a top concern for financial institutions in the region. The "State of the UAE Cybersecurity" report revealed that the number of ransomware groups targeting UAE organizations increased from 12 in 2023 to 19 in 2024. Notably, RansomHub and LockBit were among the most active ransomware groups, with LockBit continuing to be the most prominent threat.

Ray Kafity, vice president for the Middle East, Turkey, and Africa at Halcyon, explained why financial institutions remain a prime target for ransomware attacks.

"When it comes to ransomware, it's a worldwide problem, not a geopolitical one," he said. "These criminal ransomware groups are motivated by profit and until that motive is removed, ransomware attacks will continue."

Cyber threats are intensifying as the attack surface for financial institutions expands. The latest CDX reports indicate that over 223,000 vulnerable assets were exposed to potential cyberattacks in the UAE in 2024, up from 155,000 in 2023. Among the vulnerabilities, a third of exposed systems had an unpatched OpenSSH flaw (CVE-2023-38408), further exacerbating security risks.

Osama Al-Zoubi from Phosphorus Cybersecurity pointed out the critical need for greater visibility into connected devices in financial settings.

"[A] major priority is addressing connected devices in financial settings," he said. "When everything from payment terminals to building controls is connected, institutions need broader defenses that keep track of each device’s status."

In addition to cybercriminal threats, financial institutions in the region face an increase in attacks by hacktivists and nation-state actors driven by geopolitical and ideological motives. Research from the previous year revealed that 66% of all cyberattacks in the region targeted the UAE and Saudi Arabia, underscoring the need for continuous vigilance and investment in cybersecurity resilience.
Read more »
Subscribe to: Posts (Atom)