Dubai, June 2025 — A new generation of cyber threats is sweeping across the UAE, powered by artificial intelligence and evolving faster than conventional security tools can adapt. From deepfake-driven fraud to autonomous ransomware campaigns, attackers are leveraging AI to breach defenses, manipulate trust, and exploit vulnerabilities at scale.
Recent insights from the UAE Cybersecurity Council highlight that over 200,000 cyberattacks are being blocked daily, with a growing number showing signs of AI-enabled behavior including self-learning malware, personalized phishing and evasive code morphing. As the country doubles down on its digital and AI transformation, cybercriminals are responding in kind, bringing intelligence and automation to the frontlines of cyber warfare.
Deepfakes Redefine Social Engineering
One of the most pressing concerns is the use of deepfake audio and video to execute high-impact social engineering attacks. Criminals are using AI to clone voices or faces of company leaders and public figures, creating realistic videos or voice notes that trick recipients into wiring money or revealing confidential data.
In some reported cases, employees were duped into transferring millions after receiving what appeared to be legitimate instructions from their CEO only to find out later that the voice and video were entirely synthetic. These attacks are difficult to detect without advanced forensic tools, and they exploit human trust at its core.
Ransomware Learns and Adapts
The ransomware landscape in the UAE is also undergoing a significant shift. In 2025, there has been a notable 30+% rise in ransomware incidents, many tied to ransomware-as-a-service (RaaS) platforms like Lockbit3, Medusa and RansomHub. These groups now deploy AI-enabled ransomware that can adapt its attack sequence in real-time evading endpoint defenses and launching encrypted payloads only when conditions are ideal.
This new breed of malware doesn’t just demand a ransom it learns user behavior, identifies critical assets, and even leverages double extortion tactics by threatening public leaks if payment isn’t made.
AI-Powered Malware and Autonomous Threats
Beyond ransomware, AI is being used to create malware capable of navigating enterprise networks on its own. These autonomous agents can scan for vulnerabilities, adjust attack vectors and escalate privileges all without manual intervention. Such malware can remain dormant for weeks, monitoring activity and waiting for the perfect moment to strike.
This evolution has prompted concerns about long-dwell-time attacks and AI-enhanced advanced persistent threats (APTs), especially in industries managing sensitive data like healthcare, banking, and national infrastructure.
UAE’s Proactive Response
The UAE continues to take bold steps to counter this surge. The Cyber Security Council, in collaboration with CPX Holding, is advancing the national defense posture by promoting zero-trust frameworks, mandating regular security assessments and developing AI-focused regulatory policies to govern deepfake misuse and data encryption.
There is also a growing emphasis on cyber awareness training, helping organizations detect social engineering attempts early and minimize human error often the weakest link in security chains.