80% of cyberattacks in the Middle East lead to confidential data breaches


Tahawul Tech, 08-05-2025

Positive Technologies, a leader in result-driven cybersecurity, has conducted a study on cyberthreats facing countries in the Middle East.
The study examines the impact of digital transformation, the rise of organised cybercrime, and the dynamics of the underground market in the region. One in three successful cyberattacks in the Middle East was carried out by APT groups that commonly target government institutions and critical infrastructure. While the rapid adoption of new IT solutions in the region boosts efficiency across industries, it also increases their exposure to cyberattacks.
Cybercriminals heavily relied on social engineering (61% of cases) and malware (51%), often combining the two methods. Remote access trojans (RATs) were the primary weapon in 27% of malware-based attacks. The widespread use of RATs suggests that attackers often aimed to maintain long-term access to their victims' systems.
The analysis shows that 80% of cyberattacks on organisations in the Middle East resulted in breaches of confidential information. Hackers were mostly interested in credentials and trade secrets (29% each), as well as personal data (20%). In most cases, the stolen data was used for blackmail or sold on the dark web. The second major consequence of attacks (38% of cases) was the disruption of core business operations. Such disruptions were particularly harmful in sectors like healthcare, transportation, and government services, where even brief downtime can have serious real-world consequences.
APT groups are the most dangerous threat actors in the region because of their significant financial resources and advanced technical skills. In 2024, these groups accounted for 32% of all recorded cyberattacks, with a particular focus on government institutions and critical infrastructure. These attacks often went beyond standard cybercrime, taking the form of cyberespionage or even cyberwarfare. Their goal was not only to steal information but to undermine trust in government organisations and demonstrate power in the digital realm.
The analysis of the dark web revealed mentions of attacks on a wide range of industries in the region. Government organisations were the most frequently targeted (34%), followed by the industrial sector (20%). Hacktivists, in particular, were very active on underground forums. Unlike regular cybercriminals, they are driven by ideological motives rather than financial gain. They often share stolen databases for free, making the cybercrime situation worse by giving many other criminals access to the stolen data.
The United Arab Emirates, Saudi Arabia, Israel, and Qatar—leaders in digital transformation—were the most frequently mentioned countries on the dark web. Experts point out that the frequent ads for selling stolen data from these countries highlight the challenges of securing expanding digital environments. Cybercriminals are quick to exploit the vulnerabilities that come with rapid digitalisation.
Positive Technologies analyst Alexey Lukash said: 'In the near future, we expect cyberthreats in the Middle East to grow both in scale and sophistication. As digital transformation efforts expand, so does the attack surface, creating more opportunities for hackers of all skill levels. Governments in the region need to focus on protecting critical infrastructure, financial institutions, and government systems. The consequences of successful attacks in these areas could have far-reaching implications for national security and sovereignty'.
To help organisations build stronger defences against cyberthreats, Positive Technologies recommends implementing modern security measures. These include vulnerability management systems to automate asset management, as well as identify, prioritise, and remediate vulnerabilities. Positive Technologies also suggests using network traffic analysis tools to monitor network activity and detect cyberattacks. Another critical layer of protection involves securing applications. Solutions such as PT Application Firewall and PT Application Inspector are designed to identify vulnerabilities in applications, detect suspicious activity, and take immediate action to prevent attacks.
Positive Technologies emphasises the need for a comprehensive, result-driven approach to cybersecurity. This strategy is designed to prevent attackers from disrupting critical business processes. Scalable and flexible, it can be tailored to individual organisations, entire industries, or even large-scale digital ecosystems like nations or international alliances. The goal is to deliver clear, measurable results in cybersecurity—not just to meet compliance standards or rely on isolated technical fixes.
Image Credit: Positive Technologies


Related Articles

Sunmarke students take centre stage as future changemakers at TEDxSunmarke 2025 and Think & Thrive Summit

Khaleej Times

Sunmarke School, one of Dubai's leading British curriculum institutions known for its innovation and character building ethos, has once again demonstrated the power of student voice through two landmark events held in June, the Think & Thrive Summit and TEDxSunmarke 2025. These extraordinary initiatives are key features of Sunmarke's Signature Programmes, which are designed to give students real-world experiences far beyond the classroom.

Held on June 10, TEDxSunmarke 2025 delivered a dynamic showcase of student-led thought leadership under the theme 'Beyond the Surface'. Twelve articulate student speakers and one distinguished guest took to the TEDx stage, exploring themes ranging from personal ambition and mental health to climate action and hidden narratives of success. The talks resonated with raw authenticity and critical insight, reflecting the school's unwavering commitment to developing not just scholars, but confident changemakers prepared for the complexities of tomorrow.

On June 3, Sunmarke hosted the Think & Thrive Summit, a dynamic event that brought industry leaders into direct conversation with students. More than a speaking event, Think & Thrive is a student-moderated conversation space where curiosity, aspiration, and mentorship converge. This year's line-up featured renowned personalities including Rasna Al Khamis, chief marketing officer at Emirates Nature–WWF, who shared her experience leading sustainability campaigns across the region; Lachlan Kitchen, seasoned radio host and deputy programme director at Talk 100.3 FM, who offered insights into the evolving world of media and live broadcasting; Maitha Alawadi, an award-winning Emirati scriptwriter and director who spoke on regional narratives and cultural storytelling; and Malika Singh, a celebrated Bollywood film producer, who discussed content creation at scale and the global influence of cinema.

Their stories of triumph, creativity, and resilience served as a powerful career compass for Sunmarke's ambitious secondary students. These events are part of Sunmarke's acclaimed signature programmes, a suite of transformative initiatives encompassing STEAM & Design Thinking, AI Learning, Environmental Sustainability, Careers Development, Performing Arts and more. These programmes spark curiosity, build leadership, and develop the self-awareness students need to thrive in an ever-changing world.

'TEDxSunmarke & Think & Thrive Summit was a powerful reminder of what our students can achieve when given the stage, they inspired, challenged, and led with conviction. At Sunmarke, we see oracy as a cornerstone of confidence and leadership. Through signature programmes like TEDx and Think & Thrive, we're not just preparing students for exams, but empowering them to find their voice and shape the future,' says Nicholas Rickford, Principal of Sunmarke School.

Part of Fortes Education, Sunmarke School is rated 'Outstanding' by the British Schools Overseas Inspection Authority and 'Very Good' by the KHDA. It offers a breadth of post-16 pathways including A-Levels, the IB Diploma Programme, and BTEC qualifications. With over 260 after-school and extracurricular activities, top global university placements, and a purpose-built campus boasting state-of-the-art STEAM labs, media studios, and Olympic-standard facilities, Sunmarke remains at the forefront of educational excellence in the UAE. Sunmarke is ranked 68th globally among IB schools and 3rd in the UAE, a testament to its academic distinction and student outcomes. To learn more about Sunmarke School and its signature programmes, visit

Fortinet upgrades CNAPP, expands solution availability via AWS Marketplace

Tahawul Tech

New Lacework FortiCNAPP innovations and expanded solution availability in AWS Marketplace accelerate full application life-cycle protection, threat detection, and response.

Abu Dhabi — Fortinet, a global cybersecurity leader driving the convergence of networking and security, announced powerful updates to Lacework FortiCNAPP at its Security Day in Abu Dhabi on Monday.

Alain Penel, VP of Middle East, Turkey & CIS at Fortinet: 'Whether you are born in the cloud or migrating business workloads, Fortinet delivers a unified cloud native application protection platform to empower organisations who adopt a multi-cloud strategy – securing their workloads, applications, and environments with agnostic visibility. This includes posture management and runtime security across the entire CICD lifecycle without compromising performance or agility.

'Fortinet is expanding its security cloud delivered offerings on AWS marketplace with FortiNDR, FortiSIEM, and FortiAppSec to provide real-time detection, contextual enterprise-wide visibility, cloud threat hunting, automated response and application security at cloud speed and scale.'

The company also announced that the FortiAppSec Cloud service, FortiMail Workspace Security, FortiNDR Cloud, FortiSIEM, and Fortinet Incident Response services are now available in AWS Marketplace, a digital catalog that helps you find, buy, deploy, and manage software, data products, and professional services from thousands of vendors.

'Fortinet is committed to accelerating secure cloud transformation for our customers,' said Nirav Shah, Senior Vice President, Products and Solutions at Fortinet. 'By making more of our services available in AWS Marketplace and enhancing leading cloud-native solutions like Lacework FortiCNAPP and FortiAppSec Cloud, we're making it easier than ever for organisations to protect every cloud workload, application, and network edge.'

Fortinet has enhanced Lacework FortiCNAPP to deliver even stronger protection for cloud-native applications across their entire life cycle. These updates reinforce FortiCNAPP as an industry-leading, cloud-native security platform designed to deliver faster detection, deeper insights, and simplified operations at scale.

  • Real-Time CloudTrail Alerting – Enables near-instant detection of critical activity, such as compromised credentials or anomalous API behavior, by reducing AWS CloudTrail alert latency from 24 hours to under 15 minutes.
  • Explorer (Security Graph) – Provides a visual, interactive view of attack paths and asset relationships, making pinpointing and investigating exposures, such as internet-facing vulnerabilities, easier.
  • Agentless Windows Scanning – Supports agentless scanning for Windows workloads across any cloud, identifying vulnerabilities and secrets without requiring software deployment. This is ideal for expanding visibility and compliance with minimal overhead.
  • Fleet Management – Delivers detailed visibility across large environments into agent inventory, health, and deployment status, helping teams monitor coverage and optimise cloud security.

In addition, Fortinet expands its cloud services for web applications and APIs by introducing new service bundles that include Dynamic Application Security Testing (DAST), CDN, and SoC-as-a-Service, in addition to its AI-powered zero-day threat detection, analysis, and remediation to protect web applications and APIs.

Full-Stack protection available in AWS Marketplace

Fortinet has expanded the availability of its cloud security portfolio in AWS Marketplace. This provides Amazon Web Services (AWS) customers with the ability to streamline the purchase and management of more Fortinet offerings within their AWS Marketplace account. By deploying solutions on AWS, Fortinet makes it easier for customers to deploy protection, streamline procurement, and apply AWS Enterprise Discount Program (EDP) commitments.

Services now available in AWS Marketplace include:

  • FortiAppSec Cloud – Unified web application and API protection (WAAP) with web application firewall (WAF), bot management, API security, and DDoS mitigation
  • FortiMail Workspace Security – End-to-end SaaS protection across email, browsers, and collaboration tools to stop advanced threats in platforms like Microsoft 365, Google Workspace, Slack, and Teams with a built-in, 24×7 managed incident response service to accelerate threat containment and lighten the load on SOC teams
  • FortiNDR Cloud – AI-driven threat detection optimised for distributed cloud infrastructure
  • FortiSIEM – Scalable log management and incident response for complex environments

Fortinet has achieved the AWS Security Incident Response Specialisation, which recognises that Fortinet provides a streamlined incident response solution backed by AWS security response experts through AWS Security Incident Response. The capabilities of Fortinet's specialised cloud consulting and FortiGuard Incident Response Services teams help AWS customers strengthen their cloud security posture. Fortinet Incident Response Services are now available in AWS Marketplace, offering expert support backed by deep integration with AWS and the Fortinet Security Fabric. This underscores Fortinet's commitment to supporting customers with end-to-end security expertise—from proactive risk assessments to prompt incident handling—backed by deep integration with AWS-native tools and FortiGuard threat intelligence.

Strategic shift toward unified cloud-native security

This launch reinforces Fortinet's commitment to simplifying cloud security by consolidating fragmented, non-integrated solutions into a unified cloud security platform. Rather than relying on isolated point products, Fortinet delivers integrated solutions across application, network, and user layers designed to streamline management and scale efficiently in any environment. By unifying capabilities like WAAP, network detection and response (NDR), security information and event management (SIEM), cloud-native application protection platform (CNAPP), and workspace security under a single vendor and deployment model, organisations gain comprehensive cloud protection along with greater speed, cost-efficiency, and operational clarity.

For those with cloud spend commitments and a desire to optimise their cloud security investments, particularly in dynamic environments, Fortinet FortiFlex offers a flexible, daily usage-based licensing model that supports rapid deployment, elastic scaling, and seamless drawdown of existing cloud commitments, helping organisations protect what they need, when they need it, while only paying for what they use.

Critical macOS Shortcuts Flaw Reported by PT SWARM Expert

TECHx

PT SWARM expert Egor Filatov has discovered a critical vulnerability in Shortcuts, a built-in macOS app used to automate user actions. The flaw, if exploited, could give an attacker full control over a device.

Positive Technologies revealed that the vulnerability is tracked as BDU:2025-02497 and carries a severity score of 8.6 out of 10 on the CVSS 3.0 scale. It affects Shortcuts version 7.0 (2607.1.3). The app has been part of macOS since Monterey, and is also supported in Ventura, Sonoma, and Sequoia.

If a compromised device is connected to a corporate network, attackers could infiltrate the internal infrastructure. Filatov warned that it would be enough for a victim to run a malicious macro unknowingly.

Positive Technologies reported that the vendor was notified in line with responsible disclosure policies. A patch has already been issued. Users are advised to upgrade to macOS Sequoia 15.5 or later. If an OS update is not possible, users should avoid downloading unknown shortcuts or using the app altogether.

According to the report, possible consequences of exploitation include:

  • Theft or deletion of sensitive data
  • Remote malware installation and ransomware attacks
  • Business disruption in corporate environments

The company emphasized that threat actors could upload infected shortcut templates to the app's library. Before the patch, the flaw could be used to bypass macOS security and execute arbitrary code.

Positive Technologies has a long track record of studying Apple products. In 2018, its researchers discovered a firmware flaw in Intel Management Engine that affected Apple computers. In 2017, vulnerabilities in Apple Pay were reported, allowing unauthorized transactions.

The Shortcuts app is also available on iOS. To prevent threats on mobile, companies are advised to use solutions like PT MAZE. It protects apps by making reverse engineering difficult and costly for attackers.
