cyber threats Wargaming and Growing Security Concerns
The financial sector in the United Arab Emirates (UAE) recently conducted its annual cyberattack simulation, known as the Cyber Wargaming exercise, as concerns over ransomware and geopolitical cyber threats intensify. The event, now in its fourth year, brought together banks and financial firms across the Middle East to test their preparedness against potential cyberattacks. Despite these efforts, cybersecurity experts remain concerned that the region’s rapid digital transformation and shortage of skilled professionals leave the financial sector vulnerable.
Jamal Saleh, Director General of the UAE Banks Federation, highlighted the importance of such initiatives, stating that the fast adoption of advanced technologies in banking has heightened risks related to transaction security and digital infrastructure. He emphasized the sector’s awareness of evolving cyber threats, particularly those leveraging artificial intelligence (AI). The latest Cyber Wargaming event was designed to help financial institutions identify weaknesses and enhance their defenses in an increasingly complex digital environment.
A report from the UAE Cyber Security Council and IT service provider CPX, released on February 25, revealed that financial institutions accounted for 21% of the region’s cybersecurity incidents, second only to government systems, which faced 35% of cyber threats. Security experts note that while distributed denial-of-service (DDoS) attacks were previously prevalent, cybercriminals now focus on phishing, data breaches, and identity-based threats to exploit financial institutions.
Investing in Cyber Resilience
In response to growing cyber threats, the UAE has pledged to invest over $2 billion in cybersecurity initiatives and digital infrastructure upgrades. These investments aim to fortify national cyber defenses, enhance digital security, and protect critical financial assets. The Cyber Wargaming 2025 event, which included participation from central banks and financial institutions across the Gulf Cooperation Council (GCC), focused on helping organizations develop strategies to counter cyber threats.
Osama Al-Zoubi, Vice President of Phosphorus Cybersecurity, stressed the importance of updating outdated security frameworks. Many financial institutions still operate on legacy systems that were not designed to combat today’s sophisticated cyber threats. By directing substantial investments toward these areas, banks can maintain robust security measures and stay ahead of evolving cyber risks.
Cybersecurity experts note that while regulatory policies are improving, a shortage of skilled professionals remains a challenge. To address this gap, financial institutions are increasingly investing in identity and data security, integrated security platforms, and operational technology security.
Ransomware Remains a Persistent Threat
Ransomware continues to be a major concern for financial institutions in the Middle East. The number of ransomware groups targeting UAE-based organizations increased from 12 in 2023 to 19 in 2024, according to the “State of the UAE Cybersecurity” report. Among the most active cybercriminal groups in the region are RansomHub and LockBit, with the latter maintaining its status as a dominant threat despite a slight decline in activity.
Ray Kafity, Vice President for the Middle East, Turkey, and Africa at Halcyon, a cybersecurity firm, pointed out that ransomware attacks are primarily profit-driven rather than politically motivated. Financial institutions are often targeted due to their perceived ability to pay ransoms, making them attractive to cybercriminals.
Additionally, the increasing number of connected devices within financial settings has expanded the attack surface. In 2024, the number of vulnerable assets exposed to potential cyberattacks in the UAE surged to 223,000, up from 155,000 in the previous year. Phosphorus’ Al-Zoubi emphasized the need for financial institutions to strengthen visibility into connected devices, as many cyber threats exploit vulnerabilities in payment terminals, data centers, and network infrastructure.
The Middle East remains a prime target for cyberattacks, with approximately two-thirds of incidents affecting the UAE and Saudi Arabia. As cybercriminal tactics continue to evolve, regional financial institutions must enhance their cybersecurity frameworks, invest in skilled professionals, and adopt proactive measures to mitigate risks in an increasingly digital world.
