UAE cybercrime statistics 2025: Key data and trends

Cybercrime in the UAE is rising at an alarming pace, affecting businesses, consumers, and government organizations.

By 2025, the UAE became the second most targeted country in the Middle East, accounting for 12% of all regional cyberattacks.

Companies face multi-million-dollar data breaches, while shoppers experience higher risks of fraud and scams. Ransomware, phishing, Wi-Fi breaches, and AI-driven attacks are adding new layers of complexity.

This article presents the latest UAE cybercrime statistics for 2025, curated from trusted sources and insights from CPX’s Cybersecurity Annual Report. All references and verified data sources are listed at the end of the page for transparency.

Key Cybercrime Statistics of the UAE at a Glance

• By 2024, the UAE became the second most targeted country in MENA, facing 12% of all cyberattacks in the region, just behind Israel.
• The average cost of a cyber incident for UAE businesses reached $2.9 million, making breaches a major financial burden.
• In 2023, 44% of retailers in the UAE suffered cyberattacks or data breaches, showing the retail sector’s high exposure.
• The average loss per UAE consumer hit by payment fraud was $884, a sharp 270% increase from earlier surveys.
• Ransomware attacks grew by 32% in 2024, with new groups like RansomHub, DarkVault, and Qilin emerging as key players.
• In 2024, 83% of CISOs in the UAE identified human error as the leading security risk, despite rising technical threats.
• The UAE Cyber Security Council now blocks more than 200,000 cyberattacks every day, defending against threats from over 14 countries.
• Since early 2025, the UAE has recorded over 12,000 Wi-Fi breaches, making up 35% of all cyberattacks during that period.

Business and Consumer Impact of Cybercrime in the UAE

• In 2023, 44% of retailers in the UAE suffered cyberattacks or data breaches, showing how common these incidents have become in the retail sector. This was also a 39% increase compared to 2022, which signals a fast rise in threats year over year.
• On average, UAE businesses lost about $2.9 million each due to fraudulent activity, making cybercrime a serious financial challenge for companies operating in the country.
• Among consumers, 35% of shoppers in the UAE reported being targeted by payment fraud attempts in 2023, confirming that individuals face risks similar to businesses.
• The average financial loss per affected shopper reached $884 in 2023, which was a 270% increase compared to the previous survey, showing that fraud incidents are becoming more costly for individuals.
• Consumer behavior is also changing, as 29% of shoppers said they now prefer retailers with strong security systems, while 28% appreciate online stores that use multi-factor authentication (MFA) even if it makes the shopping process slightly longer.

These figures show that cybercrime has a strong effect on both businesses and consumers in the UAE. Companies face multi-million-dollar losses, while individuals experience growing fraud risks and higher personal costs.

At the same time, many consumers are becoming more aware of security and choosing retailers that provide stronger protection.

Ransomware and Evolving Threat Actors in the UAE

• In 2024, ransomware attacks in the UAE increased by 32% compared to the previous year, showing how attackers are becoming more aggressive and effective.
• The ransomware group Lockbit3 lost dominance, with its share dropping from 31% in 2023 to 16% in 2024, proving that the threat landscape is shifting rapidly.
• A new group, RansomHub, became one of the top players in 2024 by accounting for 13% of all ransomware activity in the UAE, highlighting its rising influence.
• By contrast, the Clop ransomware group, which held a 12% share in 2023, disappeared from the UAE threat data in 2024, showing how quickly some groups lose relevance or change tactics.
• DarkVault, Qilin, RansomEXX, and KillSec also appeared in 2024 as emerging ransomware groups, further diversifying the pool of active attackers in the country.

The ransomware landscape in the UAE is both growing and shifting. Attacks are becoming more frequent, and the list of active groups is constantly changing. Established players like Lockbit are losing ground, while new groups such as RansomHub and DarkVault are stepping in. This diversity makes ransomware harder to track and defend against, pushing organizations to update their defenses regularly.

Cost of Cybercrime and Data Breaches

• In 2024, the Middle East recorded the second-highest average cost of data breaches worldwide, showing that the region, including the UAE, is one of the most expensive places to recover from cyber incidents.
• The average global cost of a single data breach reached $4.88 million in 2024, driven by lost business, customer response efforts, and regulatory compliance costs.

These figures show that data breaches are not just frequent but also extremely costly. The Middle East, and especially the UAE, ranks among the top regions in terms of breach expenses.

For enterprises, the financial damage goes beyond immediate technical recovery and includes long-term costs like customer trust, business reputation, and compliance penalties.

Cybercrime Impact by Industry in the UAE

• In 2024, the government sector was the most targeted, accounting for 44% of all reported cyber incidents in the UAE, which shows how public institutions remain a top focus for attackers.
• The energy sector followed with 33% of incidents, reflecting the critical importance of energy systems and the risks tied to national infrastructure.
• The technology industry reported 12% of incidents, showing that tech service providers are also under growing pressure.
• The defense research and development (R&D) sector made up 11% of incidents, highlighting the risk of cybercriminals and hostile actors seeking sensitive national data.
• Broader SOC data from 2023–2024 also shows that finance (21.3%), insurance (11.6%), healthcare (6.7%), IT services (4.8%), and defense (6.6%) all remain exposed to cyber threats.

Cybercrime in the UAE affects both government bodies and private industries. Sectors tied to critical services, such as government and energy, face the largest share of attacks, while finance, healthcare, and insurance also remain at risk.

This spread shows that attackers target both sensitive state data and industries that store large volumes of personal and financial information.

Attack Entry Vectors Used in the UAE

• In 2023, insider threats were the most common entry point at 29% of incidents, showing how employee mistakes or misuse can open doors to attackers.
• The exploitation of public-facing applications accounted for 21% of incidents in 2023, highlighting the risks linked to weak or outdated online systems.
• Drive-by downloads made up 18% of incidents in 2023, proving how attackers used hidden malware on websites to infect users.
• Other 2023 vectors included phishing (11%), account compromise (7%), data leaks (7%), and malware infections (7%), each adding to the range of attack methods.

• By 2024, the entry patterns had shifted, with data destruction making up 22% of incidents and unidentified methods also at 22%, showing a rise in more damaging and less traceable attacks.
• Brute force attacks accounted for 12% in 2024, while email frauds (11%), web server compromises (11%), and vulnerability exploitation (11%) were also significant.

The entry methods used by attackers in the UAE are changing quickly. While 2023 was dominated by insider threats and public application exploits, 2024 saw more destructive attacks and brute force attempts.

This shift shows that attackers are moving from exploiting human error to using more aggressive and technical approaches.

Malware Delivery Methods in the UAE

• In 2023, unknown sources accounted for 43% of malware delivery in the UAE, showing that many infections could not be directly traced to a specific method.
• Direct installs made up 36% of cases in 2023, meaning attackers tricked users or gained access to install malware manually.
• Smaller shares in 2023 included web application attacks (7%), downloads by other malware (7%), and remote injections (7%), each showing different infection routes.
• In 2024, malware delivery became more diverse, with unknown methods dropping to 33%, but new vectors rising.
• Other methods in 2024 included remote injections (11%), direct installs (11%), drive-by downloads (11%), web application attacks (11%), and DLL/Webshell hijacking (11%), showing a wider mix of delivery channels.

Malware in the UAE is spreading through more varied methods compared to the past. While unknown and direct installs were the main concerns in 2023, 2024 showed growth in email-based infections, drive-by downloads, and DLL hijacking.

This diversity makes it harder for organizations to detect and block malware attacks using a single defense strategy.

Email and Phishing Threats in the UAE

• In 2024, email impersonation attacks in the UAE increased by 75% compared to the previous year, showing how attackers are using fake emails to trick employees and customers.
• Phishing, spoofing, and email fraud together accounted for 12% of all recorded cyber incidents in the UAE, proving that email remains one of the weakest points in organizational security.

Email continues to be one of the easiest ways for attackers to enter systems. The sharp rise in impersonation attacks shows how criminals use social engineering to bypass defenses.

Since phishing alone accounts for a significant share of incidents, UAE businesses must strengthen email security tools and train staff to recognize suspicious messages.

Human Factor and AI-Driven Cyber Risks in the UAE

• In 2024, 83% of Chief Information Security Officers (CISOs) in the UAE identified human error as the leading cybersecurity risk, showing that mistakes by employees remain the biggest weakness.
• The share of CISOs who believed their organization was at risk of a major cyberattack fell from 75% to 70%, suggesting slightly improved confidence but still leaving most leaders worried.
• 33% of organizations in the UAE reported that the use of Generative AI (GenAI) has expanded their attack surface, creating new openings for cybercriminals.
• At the same time, 48% of CISOs expressed concern that employees might deliberately misuse GenAI tools, raising the risk of insider threats supported by advanced technologies.

Human actions continue to drive many cyber risks in the UAE. Errors by staff remain the top problem, and new technologies such as AI are adding fresh challenges.

While AI offers benefits, it also expands attack surfaces and increases the chances of misuse. This shows that both human training and AI governance are becoming critical parts of cybersecurity.

Government and National Cybersecurity Measures in the UAE

• The UAE Cyber Security Council reported that it blocks more than 200,000 cyberattacks every day from groups across 14 countries, showing the massive scale of attempted attacks on the nation.
• Since the beginning of 2025, over 12,000 Wi-Fi breaches were recorded in the UAE, which made up around 35% of all cyberattacks in the country during this period.
• According to CSC reports for early 2025, among the affected sectors, government organizations accounted for 30% of attacks, while finance and education each faced 7% of incidents. Other industries, including technology, aviation, and hospitals, each recorded 4% of attacks, with the remaining 44% spread across various other sectors.

The UAE faces constant pressure from cybercriminals, but the government has strong defenses in place. Blocking hundreds of thousands of attacks daily shows the scale of national-level protection.

At the same time, Wi-Fi breaches and sector-wide targeting highlight that attackers continue to probe both critical infrastructure and everyday digital services.

Severity and Categories of Cyber Incidents in the UAE

• In 2024, 48% of cyber incidents in the UAE were classified as medium severity, while 28% were high severity, 23% were low, and 1% were critical, showing that most incidents carried a meaningful level of risk.

• By type, misconfiguration issues accounted for 32% of all incidents, making system errors and weak setups the most common cause of breaches.
• Scans, probes, and attempted access made up 15% of incidents, reflecting how attackers constantly test systems for weaknesses.
• Malware infections were involved in 9% of incidents, while unauthorized access cases also made up 9%, showing gaps in access controls.
• Web application attacks accounted for 4% of incidents, a smaller share but still important given the reliance on online platforms.

• Threat hunting insights revealed that improper usage and unlawful activity accounted for 61% of incidents, web vulnerabilities made up 24%, malicious code appeared in 8%, and scans or probes represented 4%. Smaller shares were linked to compromised information and ongoing investigations.

Cyber incidents in the UAE are mostly of medium to high severity, meaning they can disrupt operations even if they are not catastrophic. Misconfigurations and improper usage remain the top causes, proving that internal gaps often create the biggest risks.

At the same time, phishing, malware, and unauthorized access continue to appear across many incidents, showing the mix of both human and technical weaknesses.

Password and Authentication Weaknesses in the UAE

• In 2024, 54,655 passwords with only 1–8 characters were compromised in the UAE, showing how short passwords remain the easiest to break.
• A larger number, 107,478 passwords with 9–12 characters, were also compromised, proving that slightly longer passwords are not always secure without additional protection.
• Even 75,976 passwords longer than 12 characters were exposed, highlighting that password length alone is not enough to stop cybercriminals.

These figures make it clear that relying on passwords alone is no longer safe. Even long passwords can be compromised, especially if users repeat them across accounts or if systems lack extra layers of protection.

Multi-factor authentication (MFA) and stronger password policies are now critical to reduce these risks.

The UAE’s Position in MENA Cybercrime

• In 2024, the UAE accounted for 12% of all cyberattacks in the MENA region, making it the second most targeted country after Israel.
• Israel faced the highest share with 38% of total cyberattacks, showing the regional concentration of threats.
• Saudi Arabia recorded 9% of attacks, while Jordan accounted for 6% and Morocco for 5%.
• Other countries, including Bahrain, Lebanon, Egypt, and Türkiye, each faced 4% of attacks, with the remaining 14% spread across various other nations in the region.

UAE is one of the main cybercrime targets in the MENA region, second only to Israel. Its strong economy, advanced digital infrastructure, and regional importance make it a frequent focus for attackers.

Along with Saudi Arabia and Jordan, it forms part of the core group of countries facing the highest cyber risks in the region.

Final Words

Cybercrime in the UAE continues to expand in scale, cost, and complexity. The data shows rising business losses, higher fraud against consumers, and more advanced ransomware operations. Government and critical industries remain top targets, while phishing and human error still play a major role in incidents.

By 2025, the UAE had become the second most targeted country in the Middle East, proving the country’s importance to attackers. At the same time, national defenses are strong, with millions of attacks blocked daily. Still, organizations must strengthen security controls, reduce human mistakes, and prepare for new risks from artificial intelligence and evolving ransomware groups.

The statistics confirm one clear message: cybercrime in the UAE is not slowing down. Both companies and individuals must stay alert, adopt stronger protections, and adapt to a threat landscape that keeps changing.

Data Sources

• https://www.cpx.net/media/thbeuxk5/cpx-state-of-the-uae-report-2025.pdf
• https://fastcompanyme.com/news/nearly-half-of-uae-retailers-hit-by-cyberattacks-in-2023/
• https://www.khaleejtimes.com/uae/wifi-breaches-2025
  
• https://csc.gov.ae/en/w/csc-announces-countering-200-000-cyberattacks-daily-from-terrorist-groups-across-14-countries
• https://www.arabianbusiness.com/industries/technology/428500-dubai-company-loses-53000-in-targeted-cyber-attack
• https://tdra.gov.ae/userfiles/assets/
• https://www.adyen.com/en_AE/knowledge-hub/retail-report
• https://www.pwc.com/m1/en/publications/documents/2024/2025-global-digital-trust-insights-middle-east-findings.pdf
• https://deepstrike.io/blog/cybercrime-statistics-202