Triple extortion, AI phishing: UAE banks face evolving cyber threats

Khaleej Times

4 days ago

From hyper-personalised phishing emails to ransomware attackers leaking stolen data before encryption, cyber threats in the banking and financial sectors are growing faster than many institutions can adapt.
At the FutureSec Summit 2025, hosted by Khaleej Times in Dubai on Wednesday, cybersecurity leaders warned that even tightly regulated sectors, such as BFSI (Banking, Financial Services, & Insurance), are now facing more complex, intelligent, and coordinated cyberattacks.
"More than 95 per cent of cyber incidents still begin with social engineering," said Hala Elghawi, Regional Cybersecurity Risk Specialist. "Phishing emails have become highly sophisticated, especially with AI-generated spear phishing. These are tailored to specific individuals, making them incredibly hard to detect — even by trained professionals."
Elghawi added that traditional ransomware attacks have evolved into what experts are calling triple extortion tactics: "Attackers now first exfiltrate data and leak it online, then encrypt systems, and finally demand ransom. If companies hesitate, they escalate by threatening to publish or sell the data. The pressure is intense."
She also pointed to the rising availability of malware-as-a-service platforms, which have made it easier and cheaper for less technically skilled actors to launch serious attacks.
Regulation, culture, and AI
While regulation in the UAE is evolving rapidly, experts emphasised that compliance alone is not enough.
"The Central Bank of the UAE took a very forward-looking step in 2024 with two key regulations," said Rohit Bajpai, Head of Internal Audit at Gulf Islamic Investments. "One was the introduction of open finance rules, extending data-sharing frameworks to insurance firms under customer-consent models. The second was a regulatory sandbox that allows firms to safely test AI and digital tools in a controlled environment."
These shifts, he noted, create an environment that fosters innovation without compromising risk controls.
But according to Linoy Kidd, Chief Information Officer at HSBC MENAT, the human element remains just as critical:
"Cybersecurity must be part of the organisational DNA. It's not just about XDR or MFA. It's about accountability at every level, first line, second line, and third line of defence," she said. "Training, awareness, and a culture of vigilance are just as important as technology."
Multi-cloud chaos
Expanding the conversation beyond finance, Georges Farah, Head of Container Security for Kaspersky (Middle East, Turkey, and Africa), echoed that the shift to hybrid and multi-cloud environments is creating serious visibility challenges.
"With every additional cloud provider, you get more flexibility but also more blind spots," Farah said. "Only about 51% of organisations today say they have fully unified visibility across their infrastructure. That's where attackers thrive."
He cautioned against a common mistake: trying to enforce the same low-level configurations across different cloud providers.
"You need a top-down approach," he explained. "Start with master policies in plain English, what data needs to be protected and why—then translate those into cloud-specific tools and configurations. Automate what you can, but make sure it's strategic, not reactive."
Despite the evolving threat landscape, speakers expressed optimism that AI could be as much a solution as a risk if adopted correctly.
"Machine learning lets us detect threats faster, identify patterns, and even automate containment," said Elghawi. "Instead of replacing people, it should free them to focus on strategy and innovation."