AIToday

Gulf states fortify digital defenses as cyberattacks and drone strikes surge

Fortune AI4h ago9 min read
Gulf states fortify digital defenses as cyberattacks and drone strikes surge

Key takeaway

Since the U.S.-Iran war outbreak in late February, the Gulf region has faced a sharp escalation in both cyberattacks and physical strikes on cloud infrastructure, forcing governments and businesses to overhaul their digital defenses. Daily cyberattacks in the UAE surged from 200,000 to 700,000, while drone strikes in March directly hit major AWS data centers, knocking them offline and disrupting financial systems across the region. The attacks have exposed critical gaps in insurance coverage for geopolitical risks and underscored the need for sovereign, redundant infrastructure—driving a shift toward adaptive security systems and locally governed clouds.

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  • What happened

    Since the U.S.-Iran war outbreak on February 28, the UAE has seen daily cyberattack attempts surge from roughly 200,000 to as many as 700,000. In early March, drone strikes directly hit two AWS data centers in the UAE and one in Bahrain, forcing all three offline and triggering outages across banking, payments, and enterprise software. A Help AG report found that AI has enabled attackers to complete attacks 65% faster than before in the first quarter of 2026, with some causing damage less than 40 hours after gaining access.

  • Why it matters

    The average cost of a data breach in the Middle East stood at $7.29 million(約12億円) in 2025—significantly above the global average of $4.44 million(約7.1億円). For Gulf states pursuing AI hub ambitions, the attacks have exposed geopolitical vulnerability of digital infrastructure and the limits of existing insurance frameworks, which often exclude or limit coverage for acts of war and state-sponsored cyberattacks. Rising security spending and insurance premiums will likely increase costs of building and operating data centers across the region.

  • What to watch

    Information security spending across MENA is expected to reach $4.07 billion(約6500億円) in 2026, up 10.1% from 2025. Cybersecurity spending across the GCC is projected to surpass $9.6 billion(約1.5兆円) by 2032, up from $5.9 billion(約9400億円) in 2025. The UAE and Saudi Arabia are increasingly building cybersecurity into infrastructure planning, with sovereign cloud and locally governed systems becoming core design priorities.

Context & Analysis

The escalation began with the U.S.-Iran war outbreak on February 28, which triggered both a surge in cyberattacks and direct military strikes on digital infrastructure. In the UAE alone, daily cyberattack attempts nearly quadrupled from roughly 200,000 to as many as 700,000 as geopolitical tensions flared. More significantly, the March drone strikes on AWS facilities marked the first time military attacks had directly targeted and disrupted data center operations of a major U.S. tech company—a threshold that security experts warn may not hold. Help AG's report documents how AI has become a force multiplier for attackers, compressing attack lifecycles to unprecedented speed; the Middle East reflects the same pattern but under higher exposure intensity.

The economic burden is substantial and accelerating. The average cost of a data breach in the Middle East—$7.29 million(約12億円) in 2025—already exceeds the global average by a large margin. Yet the region's insurance frameworks have not kept pace with systemic risk. Many cyber policies exclude or limit coverage for acts of war and state-sponsored cyberattacks, exclusions that have become more prominent as geopolitical tensions increased. Penetration of cyber insurance remains low in the UAE and Saudi Arabia compared with mature markets, leaving smaller businesses particularly vulnerable.

In response, the UAE and Saudi Arabia are embedding cybersecurity into infrastructure planning itself, prioritizing sovereign clouds and locally governed systems over reliance on hyperscale international facilities. Spending reflects this urgency: information security spending across MENA is expected to reach $4.07 billion(約6500億円) in 2026, up 10.1% from 2025, while GCC cybersecurity spending is projected to reach $9.6 billion(約1.5兆円) by 2032 from $5.9 billion(約9400億円) in 2025. The shift toward distributed, adaptive, and locally controlled digital infrastructure appears to be both a defensive necessity and a reshaping of how the region approaches data sovereignty and national resilience.

FAQ

What happened to AWS data centers in the Gulf?
In early March, two AWS data centers in the UAE and one in Bahrain were directly struck by drones, forcing all three offline and triggering outages across banking, payments, delivery apps, and enterprise software. AWS services in Bahrain have since been targeted in further drone strikes and sustained damage as a result.
How much faster are cyberattacks now with AI?
According to a Help AG report from the first quarter of 2026, the use of AI has allowed attackers to complete attacks 65% faster than before, with some causing damage less than 40 hours after first gaining access.
What is a sovereign cloud?
A sovereign cloud is a specialized cloud computing environment designed to ensure an organization's data, metadata, and infrastructure remain entirely within a specific legal jurisdiction.

Discussion

No discussion yet for this article

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →