DDoS cyberattacks in the UAE surge 862% in five years

Distributed Denial-of-Service (DDoS) cyberattacks in the UAE surged from 38,797 in 2019 to 373,429 in 2024  —  a staggering 862.45 per cent increase, a report showed on Wednesday.

The State of the Market Report 2025 by Help AG, the cybersecurity arm of e& enterprise, reveals a sharp escalation not only in volume but also in sophistication, with attacks becoming more targeted and persistent. In one instance, a single DDoS attack lasted more than 35 days in 2024. While volumetric attacks were fewer, the strategic focus on government and critical infrastructure is raising significant alarm across the cybersecurity community.

The report highlights the rise of GenAI-powered phishing and impersonation attacks that are faster, stealthier, and harder to detect. Phishing remains the top threat vector, initiating 90 per cent of incidents in 2024, while credential-based breaches were involved in nearly 45 per cent of reported cases.

Ransomware has continued to evolve, with 66 per cent of organisations in the GCC impacted and many facing ‘double extortion’ tactics. The consequences are not just operational as 36 per cent of companies that suffered breaches reported board or C-suite fallout.

Speaking at the sidelines of the launch, Stephan Berner, Chief Executive Officer of Help AG, said: “We are witnessing a shift from cybersecurity to cyber autonomy where systems don’t just defend, they decide. In a region driving the world’s most ambitious digital projects, automation alone is not enough. Autonomy, built on trust, intelligence, and sovereign infrastructure, is the new frontier.”

Nicolai Solling, Chief Technology Officer of Help AG, added: “Resilience in cybersecurity now means protecting the technologies shaping our future — AI, quantum computing, and the expanding digital ecosystem. At Help AG, we enable organisations to stay not only secure, but agile in the face of rapid innovation and growing complexity.”

The report highlights the concerning rate of data exfiltration attacks, which are becoming more sophisticated, using stealthy tools like collaboration apps and cloud storage to siphon information undetected. Attackers are able to quietly steal data, making breaches harder to trace and more damaging. This shift demands advanced monitoring and tighter controls on outbound traffic and third-party integrations.

With a year-on-year spike of 236 per cent in Security-as-a-Service adoption, increased cloud misconfigurations, and evolving Operational Technology/Internet of Things (IoT) threats, the Help AG report outlines a roadmap of priority investments.  

Stephan Berner, Chief Executive Officer of Help AG (left) and Nicolai Solling, Chief Technology Officer of Help AG

Top priorities for 2025

Securing AI ecosystems and critical data: With GenAI-driven threats escalating, organisations must secure their AI models, Application Programming Interfaces (APIs), and sensitive data pipelines. Help AG highlights the urgent need for securing both human and machine users across the full AI lifecycle, backed by robust governance, API protection, and Software-as-a-Service (SaaS) observability.

Identity and access management (IAM): Strengthening IAM with adaptive authentication, behavioral monitoring, and advanced access controls is now foundational to defending critical assets.

Cloud security posture management (CSPM): Cloud misconfigurations and human error remain leading causes of breaches. Robust CSPM strategies help organisations proactively identify, prioritise, and remediate risks across multi-cloud environments, supporting secure, compliant growth.

AI-powered detection and response (UEBA/NDR): As cyberattacks grow more sophisticated, AI-driven solutions like user and entity behavior analytics (UEBA) and network detection and response (NDR) are critical for real-time threat detection, insider risk management, and adaptive incident response.

Quantum-readiness assessment and strategy development: While quantum computing threats are still emerging, Help AG stresses the need to act now. Organisations must assess crypto-inventories, prioritise migration planning, and integrate post-quantum security into long-term strategies to protect high-value assets.

Cybersecurity consolidation and platformisation: With complexity becoming a major risk, organisations are accelerating cybersecurity consolidation — favouring unified platforms that integrate detection, response, threat intelligence, and compliance. Help AG’s report shows a strong shift toward multi-year Opex-driven models and managed security services, aligning investments to business outcomes.

Building cyber resilience by design: In today’s world, cyber resilience defines competitive advantage. Help AG advocates investing in integrated backup, recovery, digital forensics and incident response (DFIR) capabilities, and managed cyber defence services — ensuring organisations can contain, recover, and thrive after incidents, not just prevent them.