UAE firms most attacked by cybercriminals in Gulf: Report

In the GCC in particular, 42 companies had data, files and information published on DLS following ransomware attacks. From these 33 percent of organisations were in the UAE, 29 percent in Saudi Arabia, followed by Kuwait, Qatar, Oman and Bahrain. Energy, telecoms, IT and manufacturing were the most targeted sectors.

Ransomware attacks

The research revealed that 2,348 instances were detected of corporate access being sold on dark web forums, twice as much as compared to the preceding period.

Globally, over 2800 companies had their information, files and data published on DLS from H2 2021 to H1 2022. It is noted that the actual number of ransomware attacks is believed to be significantly higher as many victims choose to pay the ransom and some ransomware gangs do not use dedicated leak sites.

“It is worth noting that the number of victims whose data was published in the wake of ransomware attacks in H2 2020 – H1 2021 was 935 percent up from the preceding year. As a result, the 22 percent year-on-year growth seen in the observed period suggests that the Ransomware-as-a-Service market has passed the phase of rapid growth and is now beginning to stabilize,” said Dmitry Volkov, CEO at Group-IB.

The most affected countries, according to the report were Israel, South Africa, Turkey, UAE and Saudi Arabia. The most active ransomware gang in the MEA market was Lockbit, responsible for 37 percent of publications for victims’ data on designated leak sites.

“Ransomware gangs have been able to craft a stable market for their criminal enterprises, and the ransom demands issued to companies once they have been attacked are continuing to rise rapidly. Many of the most prominent ransomware gangs have turned into criminal startups. They have a rigid hierarchy and bonuses for overachievement. While the growth trends might slow down, it is likely that the ransomware market could consolidate further, continuing a trend seen in H2 2021 – H1 2022.”