Gulf states urged to deepen cyber ties as ransomware risks grow

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.
GCC urged to copy EU model

Gulf must ensure ‘operational resilience’

AI both a threat and a strength

Gulf states should forge deeper cyber ties as AI and ransomware create new vulnerabilities for critical national infrastructure, a cybersecurity expert has said.

Despite billions being invested in digital transformation, the GCC is exposed to many of the same threats facing Europe and North America, said Professor Alan Woodward, a cybersecurity specialist at the UK’s University of Surrey.

The EU has spent decades building systems for sharing intelligence and coordinating responses to cyber incidents through bodies such as the bloc’s law enforcement agency Europol and the European Union Agency for Cybersecurity.

“One European country gets attacked, shares that intelligence quickly and others can put protections in place before they become victims themselves,” Woodward told AGBI.

While Gulf states cooperate on cybersecurity through regional forums, including the GCC Ministerial Committee for Cybersecurity, “what Europe has done as a collective is form a centre of expertise,” he said. “You get a force multiplier. You get strength in numbers.”

Daniel Valle, CEO of tech services company SCC Middle East, which this month opened its first regional headquarters in the UAE, said digital infrastructure was “both a strategic asset and a point of vulnerability”.

Daniel Valle, CEO of SCC Middle East

“The region’s advantage will come not only from the pace of technology adoption, but from the quality of deployment and operational resilience behind it,” said Valle, who is speaking at the Data Center Infrastructure and Cloud Summit this week in Abu Dhabi.

Woodward said data centres and telecommunications networks are increasingly run by businesses, making information-sharing between governments and operators vital.

More than 80 percent of successful attacks still begin with phishing emails, stolen credentials or other relatively unsophisticated techniques, he added.

The warning echoes concerns raised by the UAE Cyber Security Council, which said in April that more than 75 percent of cyberattacks begin with phishing and fraudulent messages.

AI is making these tactics more effective by producing convincing social-engineering campaigns at scale. Woodward pointed to models such as Claude’s Mythos and the latest OpenAI systems, which can quickly identify software vulnerabilities which once took teams of specialists far longer to uncover.

“The AI will just carry on doing it when everybody goes home at six o’clock at night,” he said. “The bad guys will be using it, so you’ve got to keep up.”

Professor Alan Woodward, University of Surrey

Policymakers should consider encouraging mandatory reporting of ransomware incidents, Woodward said, allowing intelligence to be shared faster.

The UK is moving in that direction through proposals that would ban public bodies from paying ransomware demands, breaking the criminal models underpinning these attacks.

Focus is increasingly shifting from preventing every breach to limiting the damage when attacks occur.

“The reality is that it’s becoming near-impossible for organisations to stop every attack at the point of entry,” said Sam Tayan, regional vice president for the Middle East, Turkey and Africa at cybersecurity company Illumio.

“That’s why we are starting to see a shift in focus from trying to prevent every breach to containing how far an attacker can go once they’re inside.”

Nader Henein, research vice president for data protection and AI governance at US advisory firm Gartner, said the Gulf faced fewer constraints from ageing technology systems than many other jurisdictions.

“Perpetual modernisation allows organisations in the Gulf region to carry very little technical debt and adopt new capabilities without having to scale up teams to deal with legacy,” he said.

Henein noted that one of the region’s most underestimated cyber risks was a shortage of specialist talent. “Even with AI promising to close the skills gap, adoption will require more skilled cybersecurity professionals who are able to cut through vendor noise and discern actual rather than manufactured risks,” he said.

Cyber lessons learned

While the recent Iran conflict did not trigger the large-scale cyber campaign some analysts feared, it provided a fresh test of the region’s cyber resilience.

Data centres and cloud facilities were among the sites targeted during the war. Woodward, who has worked with organisations in the Gulf region, said he was surprised by the absence of a large-scale malware campaign accompanying the kinetic attacks.

“That would suggest that people are quite well prepared and have learned from experience.”

The region has previously experienced major incidents, including the Shamoon cyberattack on Saudi Aramco in 2012, which was attributed to Iranian-linked hackers and wiped data from about 30,000 computers.

Arguing that the price of security was “eternal vigilance”, Woodward added: “It’s not about assuming attacks won’t happen. It’s about making sure you can respond and recover when they do.”