UAE Foils AI-Powered “Terrorist” Cyber Attacks Targeting Vital Infrastructure

The United Arab Emirates has thwarted a series of what officials described as organised cyber attacks of a terrorist nature targeting vital national sectors. The announcement was made over the weekend by the UAE Cyber Security Council, which confirmed that multiple attempts to infiltrate critical systems had been successfully disrupted.

Authorities did not disclose specific targets, but stated that the attacks focused on key national platforms and infrastructure networks. The incidents reportedly included attempts to breach internal systems, deploy ransomware payloads and launch coordinated phishing campaigns designed to compromise sensitive credentials.

AI-Enabled Offensive Capabilities

According to the council, the attacks involved the exploitation of artificial intelligence technologies to develop sophisticated offensive tools. Officials described this as a qualitative shift in the methods employed by hostile actors, reflecting a growing ability among terrorist groups and affiliated networks to harness advanced digital capabilities.

While detailed technical indicators were not released, the statement suggested that AI was used to enhance reconnaissance, automate phishing operations and potentially adapt attack payloads dynamically. This evolution mirrors a broader global trend in which malicious actors integrate machine learning and generative AI into operational workflows.

Security analysts note that AI-assisted campaigns can significantly reduce preparation time. Automated content generation enables large scale phishing waves that appear more convincing and linguistically accurate, increasing the likelihood of successful credential harvesting.

Scale of Threat Activity

The announcement comes days after Dr Mohamed Al Kuwaiti, head of the UAE Cyber Security Council, revealed the scale of daily cyber activity directed at the country. He stated that between 90,000 and 200,000 breach attempts target the UAE every single day, with a significant portion described as state-sponsored.

These figures illustrate the intensity of digital pressure facing national infrastructure. Public and private sector systems are routinely subjected to scanning, probing and exploit attempts originating from multiple regions.

Data cited in local reporting indicates that Asia accounts for approximately 66.7 percent of state-sponsored actor origins, with Europe responsible for 14.3 percent. The remaining activity stems from Middle Eastern or cross-regional sources, though specific countries were not identified.

Geopolitical Tensions and Digital Narratives

Officials have linked the increase in hostile activity to heightened geopolitical tensions across North Africa, the Gulf and the broader Middle East. Online narratives targeting the UAE have intensified, accompanied by conflict-driven discourse and diplomatic friction in digital spaces.

Dr Al Kuwaiti previously warned that AI-enabled disinformation campaigns are contributing to rumour propagation and hacktivist mobilisation across regional digital ecosystems. Coordinated online narratives can act as force multipliers, amplifying cyber campaigns and encouraging ideologically motivated disruptions.

Western governments have historically attributed significant state-sponsored cyber activity to Russia, China, North Korea and Iran, a characterisation those countries have denied. The UAE has not publicly attributed the recent incidents to any specific nation or group.

Strengthening National Cyber Resilience

The Cyber Security Council emphasized that the UAE has invested heavily in defensive technologies over the past decade. Advanced monitoring systems, threat intelligence platforms and coordinated incident response mechanisms have been deployed to safeguard public and private infrastructure.

In previous interviews, Dr Al Kuwaiti described cyber crime, cyber terrorism and cyber warfare as central priorities for the state. He also outlined ambitions for the UAE to become an exporter of cybersecurity talent, positioning the country not only as a defensive leader but as a contributor to global digital resilience.

The latest thwarted campaign underscores a broader reality facing nations worldwide. As artificial intelligence becomes more deeply embedded in both defensive and offensive cyber capabilities, the boundary between conventional cyber crime and digitally enabled terrorism continues to blur.

For governments and enterprises alike, the evolving threat landscape demands continuous adaptation. Automated attacks, AI-driven social engineering and cross-border coordination are no longer theoretical risks. They are operational realities shaping national security in 2026.