Cyber Security
Group-IB Outs High-Tech Crime Trends Report 2025 for META
State-sponsored cyber threats, including Advanced Persistent Attacks (APTs) and hacktivism, saw a sharp rise in the Middle East during 2024, with GCC countries identified as primary targets. These cyberattacks, largely driven by geopolitical tensions, are highlighted in Group-IB’s High-Tech Crime Trends Report 2025.
The report offers a detailed analysis of the interconnected nature of cybercrime and the shifting threat landscape in the Middle East and Africa. It provides actionable insights for businesses, cybersecurity professionals, and law enforcement to strengthen their defense strategies. While APTs in the Middle East saw a 4.27% rise compared to a global surge of 58%, a significant 27.5% of these state-backed espionage threats specifically targeted GCC nations, underlining the region’s vulnerability.
Commenting on the release of the report, Ashraf Koheil, Regional Sales Director MEA at Group-IB, said: “Our report captures the dynamic and complex nature of cyber threats faced by the Middle East today. It shows that cybercrime is not a collection of isolated incidents, but an evolving ecosystem where one attack fuels the next. From sophisticated state-sponsored attacks to rapidly evolving hacktivism and phishing campaigns, the insights presented in this report are essential for organizations seeking to strengthen their cybersecurity defenses.”
GCC nations remained prime targets for cyberattacks in 2024 due to their strategic economic and political significance. Other notable targets included Egypt (13.2%) and Turkey (9.9%), reflecting their geopolitical roles, while countries such as Jordan (7.7%), Iraq (6.6%), Nigeria, South Africa, Morocco, and Ethiopia also faced rising threats.
The Middle East and Africa (MEA) ranked third globally for hacktivist attacks, accounting for 16.54% of incidents, trailing Europe (35.98%) and Asia-Pacific (39.19%). Key industries affected included government and military sectors (22.1%), financial services (10.9%), education (8%), and media and entertainment (5.2%), with attacks often targeting critical infrastructure and essential services. These assaults were largely fueled by geopolitical tensions, serving as tools for ideological expression or political retaliation.
The report also highlighted persistent cybersecurity challenges in the MEA region, such as phishing and data breaches. With rapid digital transformation, the region has become a prime target for sophisticated scams, particularly in the energy, oil and gas (24.9%) and financial services (20.2%) sectors, driven by economic motives. Phishing attacks continue to be a major threat, heavily affecting internet services (32.8%), telecommunications (20.7%), and financial services (18.8%) in the META region.
“We must embrace a collective defense strategy that unites financial institutions, telecommunications providers, and law enforcement agencies. By sharing intelligence, coordinating proactive security measures, and executing joint actions, we can disrupt fraudulent activities before they cause harm. This collaborative approach not only enhances our ability to detect and prevent fraud but also strengthens the resilience of our critical infrastructure, protects our national security,” added Ashraf Koheil.
The report revealed that ransomware attacks in the MEA region remained relatively low, with only 184 incidents, marking the lowest globally. However, significant concerns persist regarding Initial Access Brokers (IABs) and the vulnerabilities they exploit. In 2024, IAB activity was notable, with GCC nations (23.2%) and Turkey (20.5%) as the most targeted areas. Egypt reported the highest number of compromised hosts (88,951), followed by Turkey (79,789) and Algeria (49,173), highlighting substantial cybersecurity gaps.
Stolen credentials and sensitive corporate information sold on the dark web have become critical entry points for cybercriminals, including ransomware operators and state-sponsored attackers. The report disclosed over 6.5 billion leaked data entries, with nearly 2.5 billion unique email addresses and 3.3 billion leaked entries containing phone numbers (631 million unique). Additionally, 460 million passwords were exposed globally in 2024, 162 million of which were unique. This surge in leaked data fuels the dark web economy and heightens risks for organizations and individuals worldwide.
Dmitry Volkov, CEO of Group-IB, said, “Group-IB played an intensified role in its global fight against cybercrime and contributed to eight major law enforcement operations across 60+ countries, leading to 1,221 cybercriminal arrests and the dismantling of over 207,000 malicious infrastructures. These efforts disrupted large-scale cybercriminal networks, highlighting the critical role of collaboration between private cybersecurity firms and international law enforcement.”
The report highlighted that threat actors utilized advanced tactics, techniques, and procedures (TTPs) like social engineering, ransomware, and credential theft. Emerging methods, including the Extended Attributes Attack, the Facial-Recognition Trojan (GoldPickaxe.iOS), and the ClickFix infection chain, illustrate the growing complexity and sophistication of cyber threats in the region.
Cyber Security
GISEC Global 2025: Phishing, Data Breaches, Ransomware, and Supply Chain Attacks Causing Challenges
Maher Jadallah, the Vice President for Middle East and North Africa at Tenable, says effective exposure management requires a unified view of the entire attack surface (more…)
Cyber Security
GISEC Global 2025: A Place Where Innovation, Partnerships, and Leadership Come Together
Meriam ElOuazzani, the Senior Regional Director for META at SentinelOne, says, the company will showcase its latest developments in AI-powered security solutions, reinforcing its position as a leader in this area (more…)
Cequence Security has announced significant enhancements to its Unified API Protection (UAP) platform to deliver a comprehensive security solution for agentic AI development, usage, and connectivity. This enhancement empowers organizations to secure every AI agent interaction, regardless of the development framework. By implementing robust guardrails, the solution protects both enterprise-hosted AI applications and external AI APIs, preventing sensitive data exfiltration through business logic abuse and ensuring regulatory compliance.
There is no AI without APIs, and the rapid growth of agentic AI applications has amplified concerns about securing sensitive data during their interactions. These AI-driven exchanges can inadvertently expose internal systems, create significant vulnerabilities, and jeopardize valuable data assets. Recognising this critical challenge, Cequence has expanded its UAP platform, introducing an enhanced security layer to govern interactions between AI agents and backend services specifically. This new layer of security enables customers to detect and prevent AI bots such as ChatGPT from OpenAI and Perplexity from harvesting organizational data.
Internal telemetry across Global 2000 deployments shows that the overwhelming majority of AI-related bot traffic, nearly 88%, originates from large language model infrastructure, with most requests obfuscated behind generic or unidentified user agents. Less than 4% of this traffic is transparently attributed to bots like GPTBot or Gemini. Over 97% of it comes from U.S.-based IP addresses, highlighting the concentration of risk in North American enterprises. Cequence’s ability to detect and govern this traffic in real time, despite the lack of clear identifiers, reinforces the platform’s unmatched readiness for securing agentic AI in the wild.
Key enhancements to Cequence’s UAP platform include:
- Block unauthorized AI data harvesting: Understanding that external AI often seeks to learn by broadly collecting data without obtaining permission, Cequence provides organizations with the critical capability to manage which AI, if any, can interact with their proprietary information.
- Detect and prevent sensitive data exposure: Empowers organizations to effectively detect and prevent sensitive data exposure across all forms of agentic AI. This includes safeguarding against external AI harvesting attempts and securing data within internal AI applications. The platform’s intelligent analysis automatically differentiates between legitimate data access during normal application usage and anomalous activities signaling sensitive data exfiltration, ensuring comprehensive protection against AI-related data loss.
- Discover and manage shadow AI: Automatically discovers and classifies APIs from agentic AI tools like Microsoft Copilot and Salesforce Agentforce, presenting a unified view alongside customers’ internal and third-party APIs. This comprehensive visibility empowers organizations to easily manage these interactions and effectively detect and block sensitive data leaks, whether from external AI harvesting or internal AI usage.
- Seamless integration: Integrates easily into DevOps frameworks for discovering internal AI applications and generates OpenAPI specifications that detail API schemas and security mechanisms, including strong authentication and security policies. Cequence delivers powerful protection without relying on third-party tools, while seamlessly integrating with the customer’s existing cybersecurity ecosystem. This simplifies management and security enforcement.
“Gartner predicts that by 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024, enabling 15% of day-to-day work decisions to be made autonomously. We’ve taken immediate action to extend our market-leading API security and bot management capabilities,” said Ameya Talwalkar, CEO of Cequence. “Agentic AI introduces a new layer of complexity, where every agent behaves like a bidirectional API. That’s our wheelhouse. Our platform helps organizations embrace innovation at scale without sacrificing governance, compliance, or control.”
These extended capabilities will be generally available in June.
GISEC Global 2025: Phishing, Data Breaches, Ransomware, and Supply Chain Attacks Causing Challenges
GISEC Global 2025: A Place Where Innovation, Partnerships, and Leadership Come Together
Cequence Intros Security Layer to Protect Agentic AI Interactions
Commvault Enhances Cyber Recovery Offerings with CrowdStrike Incident Response
Bugcrowd Launches Crowdsourced Red Team as a Service
CyberKnight to Showcase Zero Trust Security 2.0 at Gartner SRM and GISEC Global 2025
Gartner Forecasts Spending on Information Security in MENA to Grow 14% in 2025
OPSWAT Opens Office in Saudi Arabia
SearchInform Expands Cybersecurity Awareness Programs Across the UAE
Commvault to Host SHIFT Cyber Resilience Roadshow in Dubai
UAE Workforce in 2025: Cybercrime, Stress, and Burnout Take the Spotlight
Video: Toshiba Presents Latest Hard Drives and QNAP NAS System Live Demo at INTERSEC 2025
Video: Toshiba Showcases its Latest Hard Disk Drives Through Live Demos at Intersec 2025
Video: Interview with Meriam ElOuazzani of SentinelOne
Video: Interview with Fred Crehan of Confluent at GITEX Global 2024
-
Artificial Intelligence1 week agoGenerative AI is Transforming Cybersecurity Across Detection, Defense, and Governance
-
Events1 week agoOPSWAT Joins GISEC 2025 as Middle East Confronts AI-Driven Cyber Threats
-
Cyber Security1 week agoProofpoint Unveils Unified Solution for Workspace Cost, Cyber Risk Reduction
-
Cyber Security1 week agoKuwait Renews Cyber First Initiative to Strengthen Digital Defenses for Vision 2035
-
Artificial Intelligence7 days agoFortinet Expands FortiAI Across its Security Fabric Platform
-
Cyber Security1 week agoAmiViz to Show Off the “Future of Cybersecurity” at GISEC 2025
-
Artificial Intelligence1 week agoHow AI is Reinventing Cybersecurity for the Automotive Industry
-
News7 days agoFuse Partners with Check Point Software