A threat actor group Stormous Ransomware, affiliated with the Five Families alliance, has claimed responsibility for alleged cyberattacks targeting several prominent UAE entities.

The list allegedly includes Bayanat, the sovereign wealth fund's analytics and geospatial intelligence arm; Kids.ae, the government's digital platform for children; the Telecommunications and Digital Regulatory Authority (TDRA); the Federal Authority for Nuclear Regulation (FANR); and the Sharik citizen portal.

[caption id="attachment_66225" align="aligncenter" width="1024"] Source: X[/caption]

While Stormous hasn't disclosed details about the nature of the attacks, the data types or size potentially compromised, they've left a message with a link to their blog on the Tor network, urging targets to "stay informed" and offering "more information.

These alleged cyberattacks on UAE entities have heightened anxieties as they suggest potential data leaks if ransom demands aren't met.

[caption id="attachment_66224" align="aligncenter" width="403"] Source: X[/caption]

Five Families Cyberattack Claims

This incident comes on the heels of a much larger cyberattack claim by the Five Families earlier, where they targeted a vast number of UAE entities across various sectors. Governmental and private entities like the Roads and Transport Authority (RTA), the Ministry of Cabinet Affairs, and several ministries were reportedly compromised.

In that alleged cyberattack claim, the group demanded a 150 BTC ransom (approximately $6.7 million USD at today's exchange rate) threatening to leak stolen data if the demands weren't met.

[caption id="attachment_66226" align="aligncenter" width="284"] Source: X[/caption]

Uncertainties and Potential Implications

The true motives behind these cyberattacks remain unclear. It's possible they're aiming for a significant financial payout, or they may seek to disrupt UAE government operations or damage the country's reputation for digital security. The targeted entities haven't yet released any official statements, leaving the situation shrouded in uncertainty.

If the claims of compromised data are true, this could be the biggest data breach ever witnessed in the UAE and potentially the entire Middle East. The leak of sensitive government or citizen data could have severe consequences, ranging from financial losses to identity theft and national security risks.

Heightened Cybersecurity Measures a Must

This incident highlights the critical need for enhanced cybersecurity measures across all UAE entities, both public and private. Investing in advanced security solutions, implementing stricter data protection protocols, and regularly educating employees on cyber threats are all essential steps to prevent future attacks.

Cybercrime transcends borders. International cooperation between governments and law enforcement agencies is vital to track down these cybercriminals and hold them accountable. Collaborative efforts are crucial for developing effective strategies to combat cyber threats and protect critical infrastructure across the globe.

The coming days will be crucial in understanding the true extent of these alleged cyberattacks on UAE claims and the UAE government's response. While the situation is concerning, a prompt and coordinated effort can help mitigate the damage and enhance the country's digital defenses.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

The cybersecurity community is on edge after an unidentified threat actor operating under the username 'UAE', claimed responsibility for a massive data breach attack involving the United Arab Emirates government. In a BreachForums post, the threat actor threatened to leak the data from the alleged UAE attack, unless a ransom of 150 bitcoins (USD 9 million) was paid. The victims in the alleged UAE attack include major UAE government bodies such as the Telecommunications and Digital Government Regulatory Authority, the Federal Authority for Nuclear Regulation, and the Executive Council of Dubai, along with key government initiatives such as Sharik.ae and WorkinUAE.ae. Various ministries are also affected, including the UAE Ministry of Health and Prevention, Ministry of Finance, and the UAE Space Agency. In the post, the threat actor claimed to have access to the personally identifiable information (PII) of various government employees, and shared a few samples that included names, emails, phone numbers, roles, and genders of top officials.

Threat Actor Shared Alleged Samples from UAE Attack

[caption id="attachment_65993" align="alignnone" width="1237"] Source: Dark Web (BreachForums)[/caption] The sample screenshots shared by the threat actor allegedly display internal data from several major UAE government bodies. Additionally, the threat actor claimed to have acquired access to personally identifiable information (PII) of top government officials, displaying samples that list names, roles, and contact details. The possession alleged samples by the threat actor, raises concerns over the security of government personnel and the integrity of national operations. The abrupt emergence of the hacker adds complexity to the incident, casting doubt on the veracity of the claims but potentially indicating a high-stakes risk scenario. The implications of such a breach are severe, potentially affecting national security, public safety, and the economic stability of the UAE. The global cybersecurity community is closely watching the developments, emphasizing the need for a swift and decisive government investigation to confirm the extent of the intrusion and mitigate any potential damage.

Experts Advice Caution and Skepticism Regarding UAE Attack

The hacker's emergence from obscurity with no prior credibility or record of such activities, casts doubt over the legitimacy of the claims. Neither the UAE government nor the affected agencies have yet responded to these claims, nor has there been any independent confirmation of the breach. The Cyber Express team has reached out to the Telecommunications And Digital Government Regulatory Authority (TDRA) in Dubai for further information regarding the attacks. The extensive list of affected entities and the nature of the alleged stolen data would suggest a highly sophisticated and coordinated attack, which seems incongruent with the profile of a lone, unestablished hacker. As this story develops, it will be crucial to monitor responses from the UAE government and the cybersecurity community. It is critical for all stakeholders, including government officials and cybersecurity experts, to collaborate urgently to address this potential crisis, ensuring the protection of sensitive government data and maintaining public trust in national security measures. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.