With global cyberattacks on the rise, building cyber resilience has become a top national security priority.
The UAE urges vigilance as cyber threats escalate
The UAE has once again called on businesses, government entities, and the public to remain alert amid a rising wave of global cyberattacks. The warning, issued through official channels this month, underscores a growing reality: cyber threats are no longer abstract risks. They are immediate, sophisticated, and capable of disrupting every layer of national life — from critical infrastructure to private enterprise and even daily online routines.
Few voices have been more influential in raising this awareness than Omar Sultan Al Olama, the UAE Minister of State for Artificial Intelligence, Digital Economy, and Remote Work Applications, who also heads the government’s cybersecurity efforts. Al Olama has repeatedly highlighted that cyberattacks are evolving faster than conventional security measures. Under his leadership, the UAE has adopted a proactive approach, establishing new institutions, tightening regulations, and raising public awareness with a level of seriousness rarely seen in the region.
Why cybersecurity is so difficult to combat
Cybersecurity is inherently complex because attackers can adapt faster than most institutions can respond. Unlike traditional security threats, which are often visible as they cross borders or operate in physical space, cyberattacks are shapeless, anonymous, and can be launched from anywhere in the world.
The UAE, positioned at the crossroads of global finance, aviation, logistics, and energy, is a prime target for both criminal groups and politically motivated actors. Adding to the challenge is the persistent attribution problem: identifying the perpetrators — whether a lone hacker, a criminal syndicate, a terrorist network, or a hostile state — is often slow, uncertain, and technically difficult. This ambiguity allows attackers to operate with relative impunity and complicates both diplomatic and legal responses.
At the same time, hackers have grown significantly more sophisticated, employing AI-generated malware, deepfake-based social engineering, supply-chain intrusions, and coordinated ransomware-as-a-service campaigns capable of bypassing traditional defenses. Some attacks are designed to remain dormant for months, quietly harvesting data before unleashing large-scale disruption. In a rapidly digitising ecosystem like the UAE — where government services, banking, healthcare, and critical infrastructure are deeply interconnected — every new digital interface represents a potential vulnerability.
Today’s cyberattacks go far beyond data theft. They can paralyse ports, halt oil pipelines, manipulate financial transactions, and compromise personal identities. Protecting against such threats demands constant adaptation, advanced monitoring, and, most importantly, a population that treats cyber hygiene as an essential life skill.
What’s at stake for the UAE?
The UAE’s warning comes at a critical time, as cyber risks affect multiple layers of national resilience. Economically, breaches can cause severe disruption across banks, airlines, e-commerce platforms, and supply-chain networks. For businesses, a successful attack can lead to costly downtime, reputational damage, regulatory penalties, and the loss of sensitive commercial data.
Government entities face threats to service continuity, potential data manipulation, and disruptions to smart-city systems. At the national security level, foreign actors could target energy infrastructure, ports, airports, or defense-related technologies, challenging the UAE’s digital sovereignty.
This underscores the urgency of the latest warnings: they are not merely expressions of concern, but reminders that cybersecurity is no longer just a technical issue — it is a matter of national priority.
What the UAE has done to strengthen cyber resilience
The UAE has developed one of the most comprehensive cybersecurity frameworks in the region, built on robust institutions, regulatory reforms, and a culture of continuous vigilance.
A cornerstone of this effort is the UAE Cybersecurity Council, established in 2020 and chaired by Omar Sultan Al Olama. The Council coordinates national cybersecurity policy, threat response, and readiness exercises across federal and local entities. Under Al Olama’s leadership, it launched the National Cybersecurity Strategy, aimed at protecting critical infrastructure, enhancing digital resilience, and improving information-sharing between government and private-sector partners.
The UAE has also strengthened the role of the UAE Computer Emergency Response Team (aeCERT), which monitors threats, assists government agencies during cyber incidents, and provides guidance to businesses on emerging vulnerabilities. aeCERT has played a key role in detecting ransomware campaigns, phishing attacks, financial fraud networks, and targeted intrusions into critical sectors.
Legal and regulatory reforms
Legal and regulatory measures have been a central pillar of the UAE’s cybersecurity strategy. The country introduced the Cybercrime Law (Federal Decree Law No. 34 of 2021), modernising earlier legislation and imposing strict penalties for hacking, identity theft, online extortion, impersonation, and misuse of digital platforms. The law is part of a broader digital governance framework that includes data-protection regulations, cloud compliance standards, and sector-specific cybersecurity requirements for banking, aviation, and telecommunications.
The UAE has also implemented targeted countermeasures to address threats from individuals, terrorist actors, and foreign governments. These include joint cyber threat–intelligence platforms with international partners, cybersecurity drills simulating state-sponsored attacks, directives requiring critical infrastructure operators to adopt advanced encryption and zero-trust security models, and national awareness campaigns aimed at curbing online recruitment and radicalisation.
In the defence and energy sectors, the UAE has rolled out advanced resilience programmes in collaboration with leading technology firms. ADNOC, for example, has developed specialised cybersecurity operations to protect energy infrastructure. The aviation sector, particularly Emirates and Etihad Airways, follows coordinated cybersecurity protocols aligned with international aviation standards. Meanwhile, Dubai’s Digital Security Sector and Abu Dhabi’s Smart Solutions and Services Authority (ADSSSA) have issued comprehensive guidelines for critical information infrastructure and government cloud systems.
Promoting public awareness
Public awareness campaigns have become a key feature of the UAE’s cybersecurity approach. The Cybersecurity Council regularly issues alerts about phishing scams, fraudulent investment schemes, and malware targeting residents. Schools, universities, and workplaces are increasingly integrating cybersecurity awareness into training programmes, reflecting Al Olama’s belief that cybersecurity is ultimately a shared responsibility.
A digital future that must be protected
The UAE’s rapid digital transformation has created one of the world’s most advanced e-government, finance, and smart-city ecosystems. But with these achievements comes exposure. As Omar Sultan Al Olama has consistently stressed, a nation leading in AI, fintech, and digital services must also be at the forefront of cybersecurity.
The recent government warning is not a sign of weakness but a mark of maturity. It reflects a modern understanding that cyber threats are dynamic, and that resilience requires continuous vigilance, investment, and cooperation. In this way, the UAE’s approach is both pragmatic and forward-looking — recognising that the digital future it is building must be protected with the same seriousness traditionally reserved for physical security.
Cybersecurity has become one of the UAE’s most critical pillars of national resilience. As the country’s digital footprint expands, the message from its leadership is unmistakable: innovation can only flourish when security keeps pace. The UAE is committed to ensuring it does.
Dr Kristian Alexander is a Senior Fellow and Lead Researcher at the Rabdan Security and Defense Institute, Abu Dhabi, UAE.
