The United Arab Emirates is reeling from an alarming cybersecurity incident as the Cybersecurity Council confirmed that national cybersecurity systems successfully thwarted a significant wave of cyberattacks targeting both government and private entities. On March 24, 2025, officials revealed that a total of 634 entities were under assault, all aimed at leaking sensitive data from vital sectors across the nation.
Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, detailed the extent of the attacks, noting that a threat actor known as "rose87168" had claimed to compromise the Oracle Cloud platform. This infiltration resulted in the leak of approximately six million customer records globally, marking a serious breach in data security. Al Kuwaiti explained, "rose87168 claimed to have breached Oracle Cloud's SSO and LDAP, leading to the leak of approximately six million customer records globally." This incident is not just a local affair; estimates indicate that around 140,000 entities worldwide could have been affected by the breach.
Among the 634 entities in the UAE impacted, there were approximately 30 government bodies and 13 private organizations. These statistics highlight the severe risk posed to national cybersecurity infrastructure and the data of millions.
In immediate response to these threats, the UAE’s emergency cybersecurity systems were activated, collaborating with relevant authorities to mitigate ongoing assaults and safeguard the nation’s cyberspace. The Cybersecurity Council has urged all institutions, both governmental and private, to bolster their cybersecurity defenses, improve their levels of cyber readiness, and report any suspicious activities targeting their digital systems.
As the Council noted, the nature of cyber threats is evolving rapidly. Dr. Al Kuwaiti accentuated the necessity for enhancing cybersecurity measures: "The Cyber Security Council urged all government and private institutions to strengthen their cybersecurity defenses, improve their cyber preparedness, and immediately report any suspicious activities to safeguard the UAE's cyberspace." A statement that encapsulates the urgency of the situation, it emphasizes the importance of vigilance and adherence to best security practices in combating increasingly sophisticated cyber fraud techniques.
This incident following a previous event on January 17, 2025, when UAE cybersecurity systems executed a successful defense against nearly 200,000 daily ransomware attacks, amplifies concerns about the frequency and complexity of cyber threats. Officials are sounding alarms not just for their immediate work but for the future landscape of cybersecurity across the region.
As the UAE navigates these challenges, the ongoing commitment to cybersecurity readiness lies at the heart of national interests. The stakes are high as the digital world continues to grow at an unprecedented pace. The Government and the Cyber Security Council have emphasized that continuous developments in cybersecurity practices are vital to countering these ongoing threats effectively.
Caught in a web of increasing cyber risks, the UAE is pushing forward, determined to impose stringent measures and equip sectors with necessary tools to become resilient against future attacks. These actions are all aimed at protecting citizens, businesses, and the integrity of vital national systems. As we learn more about the nature of yesterday’s attacks and implications for today, one thing remains clear: concerted efforts are crucial to securing not just the UAE's digital foundations but also those of the global community.
