AMEINAH ALZEYOUDI (ABU DHABI)

Cyber attacks have expanded in scale and sophistication amid the regional crisis, and the UAE has been tackling them with a coordinated, multilayered defence apparatus that operates round the clock, a security expert told Aletihad.

Mohammad Ali Alawadi, a security and strategy adviser, cautioned that these online attacks have become a defining element of "fifth-generation warfare", as seen in how threats came surging toward cyber walls since the conflict broke out late February.

Alawadi recalled that at around the same time, the UAE Cybersecurity Council reported that the national cyber system had repelled a series of coordinated attacks targeting the country's digital infrastructure and critical sectors. The incursions, described as "terrorist in nature", were aimed at undermining national stability and disrupting essential services.

"Cyber attacks have evolved from purely informational or espionage tools into a critical component of modern warfare," he said. "As the regional crisis we're witnessing now has intensified, cyber risk has clearly risen as well."

In the face of these attacks, the UAE's cyber defence demonstrated its strength and resilience, the expert said. "The UAE's national security apparatus protects the country through a layered national system and in coordination with all security and law enforcement agencies and entities, rather than a single defensive tool or entity."

This integrated approach is geared toward enhancing protection, speeding up recovery, and bolstering resilience against cyber threats, Alawadi added. 

The UAE's National Cybersecurity Strategy is built on five major pillars and 60 initiatives, complemented by a critical information infrastructure protection policy designed to safeguard physical and virtual assets that support essential services.

Discussing the most dominant forms of cyberattacks, Alawadi noted that ransomware remains a growing operational threat, along with phishing and credential theft. Distributed denial-of-service (DDoS) attacks, website vandalism, and exploitation of weak systems are other common tactics.

He also warned of a rise in "wiper attacks", which seek to destroy data after it has been extracted, seriously disrupting operations.

Regionally, threat intelligence indicates that state-aligned and proxy actors may increasingly use spear-phishing, data exfiltration, and "hack-and-leak" operations against politically significant organisations.

The First Line of Defence 
While discussions of cyberattacks may seem too complex for many, Alawadi reiterated the authorities' long-standing message: "The human element remains the first line of defence."

Public awareness and prompt action are even more critical, he said, as the UAE's 2025 cybersecurity report revealed a broad attack surface. 

According to the State of the UAE Cybersecurity Report 2025, over 223,800 assets hosted within the country are potentially exposed to cyberattacks, with half of the critical vulnerabilities remaining unaddressed for more than five years.

In this landscape of online threats, individual actions and companies' cybersecurity policies can make a difference. Alawadi said that for individuals, securing digital spaces means keeping antivirus tools and software up to date; using approved VPNs for remote work when necessary; exercising caution on video conferencing platforms; avoiding untrusted networks; and promptly reporting suspicious links, messages, or phishing attempts through official channels.

For corporations, particularly those working remotely or in hybrid setups, the priority should be reinforcing core cyber hygiene and resilience, he added.

"That means securing home and office routers, hardening VPN access through whitelisting and other methodologies, patching exposed internet-facing assets, enforcing stronger access controls, maintaining backups, and preparing incident response procedures," the expert said.