- 15% of MENA businesses have been targeted
- Ransomware is projected to cost $240 billion annually
- Data centers are high-value targets
In the Middle East, businesses are facing a growing threat from cyber attacks, particularly ransomware. According to a cybersecurity expert interviewed by AGBI, the security weaknesses that facilitate these attacks often originate within the organization itself.
According to consultancy PwC, approximately 15 percent of organizations in the region have experienced data breaches, each costing over $100,000.
Predictions from cybersecurity firm Mimecast indicate that by 2025, the global costs associated with ransomware could reach $57 billion annually, soaring to over $20 billion monthly by 2031.
Ransomware attacks involve cybercriminals infiltrating an organization’s systems to lock data or disrupt operations, demanding payment to restore access or threatening to disclose stolen information.
Phishing scams, where attackers masquerade as trusted sources to extract sensitive information or deliver malicious links, can be a gateway for ransomware infections.
Past attacks have paralyzed hospitals, disrupted energy and logistics services, and have the potential to diminish investor confidence in companies. Even a single mistake by an employee falling for a phishing attempt can lead to millions in losses and significant damage to reputation.
Andria Delia, a cyber threat intelligence expert, remarked, “Ransomware has become the new oil spill. It spreads rapidly, incurs billions in costs, and leaves lasting reputational harm long after recovery.”
The most significant risks often stem from within, typically manifesting in one of three ways: a malicious employee actively participating in the attack, employees selling information to criminals, or more commonly, an employee inadvertently making a mistake, Delia elaborated.
As an example, in 2021, a ransomware group targeted Moorfields Eye Hospital Dubai, compromising data that included ID card copies, financial documents, call logs, and internal correspondence. They encrypted this data and demanded a ransom, threatening to leak it if not paid.
Moorfields Eye Hospital Dubai concluded that the ransomware was likely delivered through an email to a staff member or via a malicious advertisement.
Ransomware Live reports that government and defense sectors have faced numerous ransomware attack attempts in Saudi Arabia and the UAE.
At Gitex 2025, Delia will facilitate a workshop aimed at preparing organizations for ransomware incidents.
Her workshops simulate a genuine cyberattack, as if employees are stepping into work on the day of the attack. They encounter a screen message locking them out and demanding ransom payments in cryptocurrencies, mirroring real-world scenarios.
From then on, workshop participants collaborate with Delia to implement a response plan for the first 48 hours, which she describes as the most critical period during such incidents.
Every team member, from IT staff addressing the malware to communications teams managing external messaging, has a vital part to play in responding to a ransomware attack, which is why she includes diverse disciplines in her sessions rather than just technical teams.
The aim is to give participants practical experience in managing crisis situations.
Further reading:
Further reading:
Delia emphasized the importance of this type of preparation in the Middle East, especially given the rapidly expanding digital infrastructure needed to support AI and cloud computing industries.
Data centers represent “one of the most lucrative” targets for ransomware, according to Delia, due to the immense quantities of data available for extraction and ransom.
Are these threats increasing? “Yes, absolutely,” she affirmed.
Cybersecurity trends and threats in the region will likely be key topics at Gitex 2025, scheduled to take place in Dubai from October 13-17. AGBI is an official media partner for this year’s Gitex—stay tuned for our exclusive tech coverage leading up to the event.
