Gulf Cooperation Council Countries Emerging as Major Targets for Cyber Threats
Rise in state-sponsored cyber threats highlights vulnerabilities in the Middle East and Africa in 2024.
In a significant rise of cyber threats supported by state actors, including advanced persistent threats (APTs) and hacking activities, the Gulf Cooperation Council (GCC) countries have emerged as primary targets throughout 2024. A report by cybersecurity firm Group-IB indicates that ongoing regional conflicts are driving these attacks.
The report extensively reviews the relationship between cybercrime and the growing cybersecurity threats in the Middle East and Africa, providing a detailed analysis of complex cyber intrusions, hacking incidents, and emerging cyber threats, thereby assisting businesses, cybersecurity professionals, and law enforcement in enhancing their security strategies.
Despite a modest increase of 4.27% in APTs within the region compared to a global surge of 58%, approximately 27.5% of threats attributed to state-sponsored hacking groups directly targeted GCC nations.
Additionally, significant figures from the report reveal that Egypt accounted for 13.2% of the threats, and Turkey for 9.9%, reflecting their notable geopolitical roles.
Other nations such as Jordan (7.7%), Iraq (6.6%), along with Nigeria, South Africa, Morocco, and Ethiopia, also face increasing cyber threats.
In the context of global cyberattacks, the Middle East and Africa ranked third, with 16.54% of incidents, contrasting with Europe at 35.98% and the Asia-Pacific region at 39.19%.
The sectors most affected included government (22.1%), financial services (10.9%), education (8%), and media and entertainment (5.2%), with these attacks targeting critical infrastructure and essential services.
The escalation of cyberattacks is largely attributed to ongoing geopolitical tensions, where cyber emissions are utilized to express ideological sentiments or achieve political and retaliatory objectives.
The report highlights pressing cybersecurity challenges, particularly the persistent threat of phishing attacks and data breaches across the GCC and broader Middle East and Africa.
Amidst rapid digital transformation in the region, attacks have been primarily directed towards critical sectors such as energy, oil, and gas (24.9%), and financial services (20.2%), indicating the economic motivations behind cybercrime.
Phishing attacks remain a significant threat, with internet services being the most targeted at 32.8%, followed by telecommunications (20.7%) and financial services (18.8%) within the Middle East, Africa, and Turkey.
Ransomware attacks have remained relatively low in the Middle East and Africa, with only 184 incidents recorded, signaling the lowest rate globally.
The report also emphasizes ongoing concerns regarding initial access brokers (IABs) and the extensive vulnerabilities they exploit.
In 2024, activities of IABs distinctly escalated in the region, with GCC nations facing the highest targeting at 23.2%, followed by Turkey at 20.5%, indicating a concentrated focus on these jurisdictions.
Data indicated that the number of compromised devices—containing credentials and sensitive information often sold on the dark web—was highest in Egypt at 88,951 compromised devices, followed closely by Turkey at 79,789 devices and Algeria at 49,173 devices, exposing substantial gaps in cybersecurity.
Stolen credentials and sensitive corporate information, sold on the dark web, have served as prime entry points for ransomware operators, state-sponsored attackers, and other cybercriminals.
The report disclosed more than 6.5 billion data entries containing email addresses, with approximately 2.5 billion unique addresses.
Additionally, 3.3 billion data entries containing phone numbers were leaked, including about 631 million unique numbers, reflecting the scale of escalating cyber threats.
In 2024, 460 million compromised passwords were revealed globally, consisting of 162 million unique passwords.
The continued rise in data leaks is facilitating criminal activities in the dark web economy, increasing risks for both organizations and individuals.
The report extensively reviews the relationship between cybercrime and the growing cybersecurity threats in the Middle East and Africa, providing a detailed analysis of complex cyber intrusions, hacking incidents, and emerging cyber threats, thereby assisting businesses, cybersecurity professionals, and law enforcement in enhancing their security strategies.
Despite a modest increase of 4.27% in APTs within the region compared to a global surge of 58%, approximately 27.5% of threats attributed to state-sponsored hacking groups directly targeted GCC nations.
Additionally, significant figures from the report reveal that Egypt accounted for 13.2% of the threats, and Turkey for 9.9%, reflecting their notable geopolitical roles.
Other nations such as Jordan (7.7%), Iraq (6.6%), along with Nigeria, South Africa, Morocco, and Ethiopia, also face increasing cyber threats.
In the context of global cyberattacks, the Middle East and Africa ranked third, with 16.54% of incidents, contrasting with Europe at 35.98% and the Asia-Pacific region at 39.19%.
The sectors most affected included government (22.1%), financial services (10.9%), education (8%), and media and entertainment (5.2%), with these attacks targeting critical infrastructure and essential services.
The escalation of cyberattacks is largely attributed to ongoing geopolitical tensions, where cyber emissions are utilized to express ideological sentiments or achieve political and retaliatory objectives.
The report highlights pressing cybersecurity challenges, particularly the persistent threat of phishing attacks and data breaches across the GCC and broader Middle East and Africa.
Amidst rapid digital transformation in the region, attacks have been primarily directed towards critical sectors such as energy, oil, and gas (24.9%), and financial services (20.2%), indicating the economic motivations behind cybercrime.
Phishing attacks remain a significant threat, with internet services being the most targeted at 32.8%, followed by telecommunications (20.7%) and financial services (18.8%) within the Middle East, Africa, and Turkey.
Ransomware attacks have remained relatively low in the Middle East and Africa, with only 184 incidents recorded, signaling the lowest rate globally.
The report also emphasizes ongoing concerns regarding initial access brokers (IABs) and the extensive vulnerabilities they exploit.
In 2024, activities of IABs distinctly escalated in the region, with GCC nations facing the highest targeting at 23.2%, followed by Turkey at 20.5%, indicating a concentrated focus on these jurisdictions.
Data indicated that the number of compromised devices—containing credentials and sensitive information often sold on the dark web—was highest in Egypt at 88,951 compromised devices, followed closely by Turkey at 79,789 devices and Algeria at 49,173 devices, exposing substantial gaps in cybersecurity.
Stolen credentials and sensitive corporate information, sold on the dark web, have served as prime entry points for ransomware operators, state-sponsored attackers, and other cybercriminals.
The report disclosed more than 6.5 billion data entries containing email addresses, with approximately 2.5 billion unique addresses.
Additionally, 3.3 billion data entries containing phone numbers were leaked, including about 631 million unique numbers, reflecting the scale of escalating cyber threats.
In 2024, 460 million compromised passwords were revealed globally, consisting of 162 million unique passwords.
The continued rise in data leaks is facilitating criminal activities in the dark web economy, increasing risks for both organizations and individuals.
Translation:
Translated by AI
