Cyber Attacks Hit Gulf Institutions as Regional Conflict Moves Online

News

1. Cyber Attacks Hit Gulf Institutions as Regional Conflict Moves Online

2. xAI and Tesla Launch “Macrohard,” a Playful Dig at Microsoft

3. ‘Right Decision, Not Easy’: Atlassian Cuts 1,600 Jobs Ahead of AI Push

4. AI-Assisted DevOps Under Spotlight After Amazon Cloud Disruption

5. Saudi Arabia Doubles Down on AI Ambitions; Declares 2026 as the Year of AI

6. LeCun’s New Startup Raises $1.03 Billion for AI Beyond LLMs

As the conflict between the US, Israel, and Iran intensifies, Gulf states are increasingly feeling the spillover effects of a widening regional crisis — not only through military threats and disruptions to energy markets but also through a surge in cyber activity targeting critical infrastructure.

The current escalation began with coordinated US-Israeli strikes on Iranian military and strategic sites in late February, prompting retaliatory missile and drone attacks across the region and raising fears of disruption to shipping routes such as the Strait of Hormuz, a critical artery for global oil supplies.

Several Gulf countries have intercepted missiles and drones linked to the conflict, while aviation operations, energy infrastructure, and maritime traffic have faced growing pressure as the crisis enters its third week.

Against this backdrop, cybersecurity analysts say digital infrastructure across the Gulf has become an increasingly attractive target for politically motivated hackers and cybercriminal groups seeking to exploit the instability.

Surge in Cyber Activity

Cyberattacks targeting institutions across the Gulf have surged amid escalating military action by the United States and Israel against Iran, highlighting how geopolitical conflict is increasingly extending into digital infrastructure and affecting critical industries.

Banks, telecommunications providers, aviation systems, and government platforms across the region have all been targeted, according to cybersecurity and intelligence firms monitoring activity on dark web forums and messaging platforms such as Telegram.

Analysts say more than 60 hacker collectives mobilised within hours of the start of the conflict, with over 100 cyber incidents recorded across the Middle East during the first 72 hours, according to data from cybersecurity firm CloudSEK.

Most of the attacks have been relatively unsophisticated and have caused limited operational disruption so far. However, the low cost and accessibility of cyberattack tools are lowering the barrier to entry for potential attackers.

Low-cost Cyber Tools Lower Barriers

This wave of activity includes website defacements, distributed-denial-of-service (DDoS) attacks, in which large volumes of traffic overwhelm websites and render them inaccessible, and attempted intrusions into financial and government systems.

“For $100, you can access a DDoS toolkit for a month and launch unlimited attacks,” Manohar Reddy Pagilla, a threat researcher at cybersecurity company CloudSEK, told AGBI. Stolen corporate credentials circulating in cybercrime markets can cost as little as $10, he added.

The targets reflect the strategic importance of Gulf economies to global energy and trade networks.

Entities cited in attack claims include Saudi Arabia’s Riyadh Bank and Al Rajhi Bank, Kuwait International Airport, Bahrain’s Batelco, UAE telecom operator du, and several government ministries across the GCC, according to claims circulating on dark web forums monitored by cybersecurity analysts. The organisations have not responded to requests for comment.

Risks to Energy, Aviation, and Financial Systems

Cybersecurity experts warn that attacks on critical infrastructure could create broader economic ripple effects.

“Cyberattacks on energy infrastructure, ports, and aviation systems can create unpredictable market conditions, halt exports, and trigger cascading shortages for commodities like oil,” said Morey Haber, chief security adviser at software management company BeyondTrust.

The Gulf’s highly digitised infrastructure increases its exposure. Digital platforms underpin oil shipping schedules, airline operations, and financial transactions across regional hubs such as Dubai, Riyadh, and Doha.

The financial consequences of cyber breaches in the region are already significant. The average cost of a cybersecurity breach in the Middle East is about $8 million, nearly double the global average of $4.45 million, according to data cited by the World Economic Forum.

Governments across the GCC have increased investment in digital defence, and the region’s cyber threat intelligence market is expected to exceed $31 billion by 2030, according to industry forecasts.

Cyber Spillover Already Affecting Gulf Economies

“The cyber spillover from the [US-Israel and Iranian] escalation is already affecting Gulf economies mainly through disruption and defensive costs, rather than confirmed destructive attacks and concrete numbers on their direct financial cost,” said Marwan Hachem, founder of cybersecurity company FearsOff.

Now that the region has drawn greater attention from cyber actors, the broader implications may take time to emerge.

While cyber preparedness in the Gulf has improved significantly over the past decade, vulnerabilities remain. According to Haber, gaps persist in areas such as identity security, third-party access management, operational technology visibility, and coordination between public and private-sector responders.

Hacktivist Groups Seek Visibility as Well as Disruption

Many of the attacks appear designed primarily to generate publicity rather than long-term disruption.

“They make a lot of noise,” Pagilla said.

Hacktivist collectives, ransomware operators, cybercriminals who encrypt victims’ data and demand payment for its release, and brokers trading stolen data have been among the most active groups. Analysts note that such actors often exaggerate attacks on prominent organisations to amplify political messaging and damage reputations.

Several Iran-aligned hacktivist groups, including Handala, DieNet, and Ghost Princess, have claimed responsibility for attacks on regional infrastructure during the latest escalation, according to CloudSEK.

Banking Outages Highlight Potential Economic Impact

Even short service outages can carry significant costs. A banking system going offline for just a few minutes can interrupt millions of dollars in transactions, analysts say.

In the UAE, Abu Dhabi Commercial Bank and First Abu Dhabi Bank reported prolonged service interruptions over the past week, although it has not been confirmed whether the incidents were linked to cyberattacks. Neither bank responded to requests for comment.

The financial consequences of cyber incidents often unfold gradually. Losses typically appear later, particularly when stolen data begins circulating in underground markets.

Once credentials or internal corporate data are leaked and sold, organisations remain vulnerable to repeated intrusion attempts as attackers exploit the information over time.

Cyber Warfare Integrated into Military Conflict

Cyber operations have long been part of geopolitical confrontation. The Stuxnet worm, widely attributed by security researchers to US and Israeli intelligence agencies, sabotaged Iranian nuclear centrifuges more than a decade ago.

More recently, Russia’s cyber campaigns against Ukraine have demonstrated how digital attacks can disrupt power grids, deploy destructive malware, and influence information flows at scale. The 2017 NotPetya cyberattack, initially aimed at Ukrainian networks, spread globally and caused an estimated $10 billion in damage to multinational companies, according to academic and industry studies.

“The longer-term implication is that cyber operations are now fully integrated into military conflict,” Hachem said.

“For highly digitised Gulf economies, cyber resilience and protection of financial and energy systems will become an even more critical element of national security,” he added.