On the sidelines of GITEX Global 2025, Kaspersky revealed alarming data showing a sharp escalation in cyber threats across the Gulf Cooperation Council (GCC). According to Kaspersky’s remote telemetry, the company’s security solutions detected and blocked over 50 million web and local threats during the first eight months of 2025 across the region — reflecting the growing sophistication of cyberattacks targeting both individuals and enterprises.
Ransomware and Spyware Attacks on the Rise
The report shows that ransomware attacks in GCC countries increased from 0.24% to 0.30% of total users during the same period. While this percentage may seem modest, experts warn it falls within the normal range for highly targeted ransomware operations. Unlike older, random attack patterns, modern ransomware groups are focusing on high-value targets — including corporations and government entities — which amplifies the potential impact of each successful breach.
In parallel, password-stealing malware detections surged by 21%, while spyware incidents climbed by 34%, revealing an industry-wide shift toward long-term, stealth-based infiltration rather than immediate disruption.
Corporate Cyber Threats Intensify
Corporate environments have become a major focus for cybercriminals. Backdoor detections jumped 32%, granting attackers remote control of infected systems. Exploits targeting software vulnerabilities increased by 21%, with Microsoft Office being the most attacked application suite during this period. Even more concerning, password theft attempts targeting companies rose by 72%, and spyware attacks on enterprises increased by 58%, underscoring the urgent need for multi-layered cybersecurity strategies.
Expert Insight: Strategic and Stealthy Threats
Commenting on these findings, Maher Yamout, Principal Security Researcher at Kaspersky, stated:
“Cybercriminals are adopting far more strategic approaches. Instead of mass attacks, they increasingly use sophisticated tools like spyware, backdoors, and password stealers — threats that are hard to detect and remain active for long periods. These attacks often result in stolen credentials being sold to ransomware groups or other actors, leading to deeper, long-term consequences. This trend highlights the critical need for advanced threat detection and intelligence across GCC institutions.”
Kaspersky’s Recommendations for GCC Organizations
To strengthen cybersecurity resilience, Kaspersky experts advise businesses and government entities in the GCC to adopt the following best practices:
-
Deploy advanced solutions such as Kaspersky Next, which integrates endpoint and cloud protection with XDR/EDR capabilities for detecting, investigating, and responding to complex threats like ransomware and spyware.
-
Regularly update software, especially widely used applications like Microsoft Office, to reduce the risk of exploit-based attacks.
-
Leverage Kaspersky Threat Intelligence services to stay informed about evolving cybercriminal tactics and defense strategies.
-
Train employees to recognize phishing and malware distribution techniques that are commonly used to spread infections.
-
For individuals, Kaspersky Premium offers comprehensive protection against online threats and secures personal devices.