More than 71 million attempted cyber attacks in the UAE have been blocked in the first three quarters of the year, the head of the country's Cybersecurity Council said.
Despite authorities successfully fending off the attacks, Dr Mohammed Al Kuwaiti called on organisations to remain vigilant against hackers.
He urged the public and the private sector to take precautions to protect their systems, phones and data from being hacked.
The National also spoke to cyber security experts who laid out the steps required to keep data safe from criminals.
“The UAE deterred more than 71 million cyber attacks in the first three quarters of 2023,” Dr Al Kuwaiti said.
“The cyber security system is important as it is the first front line for organisations and entities. Amid the major development in the digital era, the council is playing a key role in foiling cyber attacks."
The Cybersecurity Council was established by in 2020 as cyber threats and attacks surged around the globe.
The council is responsible for legislation to strengthen cyber security, subject to UAE Cabinet approval.
Dr Al Kuwaiti said in May that the country was fending off more than 50,000 cyber attacks a day.
He said in March that ransomware attacks in the UAE declined by more than 70 per cent at the start of 2023, compared with the same period during 2022.
About two in three businesses (64 per cent) in the country was the victim of a ransomware attack last year, according to a report from cyber security firm Proofpoint.
Rising number of attacks
Nicolai Solling, chief technology officer at tech firm Help AG, told The National that cyber attacks were on the rise globally.
He said every sector was a target for cyber security attacks.
“We work with organisations from various sectors, and we deal with 50 potential incidents every day, generating two trillion data points per year,” he said.
The cyber security expert said the threats were evolving and becoming more sophisticated all the time.
Ransomware continues to be a major issue when it came to cyber security, he added.
“When we look into what is impacting the average user, we find that scams and fraud are among the top threats," Mr Solling said.
"In the modern day, these threats take an electronic form because that is how we live our lives.”
How a company or a person responds to a cyber attack could determine its effect, Mr Solling said.
“The difference between surviving a cyber attack and collapsing under its weight is in how the organisation reacts to it. It is vital to have a detailed response plan in place," he said.
"Think of it like having a spare tyre in your car. You don't plan to get a puncture, but you need a backup in case it happens."
Severe penalties in place
Emirati lawyer Mohammad Al Najjar told The National that the UAE has strict laws and legislation against cyber security crimes.
“There are popular crimes such as e-fraud, hacking and digital piracy. There are difficulties in catching the cyber crimes suspects as they are working from outside the UAE,” Mr Al Najjar said.
“The person committing the cyber crime might be outside the country hacking the systems. It requires collaboration between the countries regarding the laws and extradition of suspects through Interpol.”
Mr Al Najjar said offenders faced stiff penalties when they were caught.
“Anyone who causes damage or halts a website will be jailed for six months and fined between Dh150,000 and Dh500,000 [$40,844 to $136,147],” he added.
For hacking a government website, the penalty is a seven-year jail sentence and a fine of between Dh250,000 and Dh1.5 million.
How to stay safe from cyber attacks
Mr Solling has compiled several tips to help the public reduce the threat from hackers.
- Install software updates, do not use your work devices for personal use and, vice versa, ensure your device is secured before using public Wi-Fi networks
- Turn on multifactor authentication on all platforms
- Never reuse a password. This way, if a cyber attacker is able to crack one of your passwords, the damage is limited to a single account, instead of compromising your whole digital identity
- If you find yourself being pushed to take urgent action – “if you don’t click this link, your bank account will be blocked” – pause and think about how you should react
- You can always call your bank from a verified number to confirm any communication is legitimate
- Remember that in general, companies will not ask you to share confidential information, including passwords, OTP codes, account details, or credit card information over channels such as phone, email and messaging services