Cybercriminals are stepping up their game in 2024, moving beyond simple extortion to more advanced strategies like double extortion. In the past, ransomware attacks would lock your data and demand payment to unlock it. Now, attackers are doubling the pressure—not only encrypting data but also threatening to expose it unless a second ransom is paid. This evolution in cybercrime is hitting businesses hard across the UAE and the Middle East.
In a double extortion attack, cybercriminals encrypt your data and also steal it, threatening to leak sensitive information unless a second ransom is paid. This added layer of extortion forces businesses to make tough decisions: risk a data breach or give in to the hackers’ demands.
A prime example of this is happening in the UAE, where companies have become the most targeted ransomware victims in the GCC. Security Middle East reports that sectors like retail, telecom, and healthcare are frequently hit, with attackers using these advanced tactics to extort higher ransoms.
In response to the rise of cyberattacks, the UAE has strengthened its cybercrime laws to deal with emerging threats like double extortion. The UAE Cybercrime Law of 2023 outlines severe penalties for cybercriminals, but businesses still face significant challenges in protecting themselves from ransomware attacks. The law emphasizes the importance of safeguarding data, and companies that fail to protect sensitive information could face hefty fines and reputational damage if a breach occurs.
What makes double extortion so challenging is that it attacks from multiple angles. Even if a company restores its data from backups, the hackers still have sensitive files and can leak or sell them. The stakes are even higher for industries dealing with personal data or financial information, such as healthcare and banking.
According to GCA, dealing with double extortion requires more than just backups. Companies need a robust cybersecurity strategy that includes encryption, multi-factor authentication (MFA), and incident response planning to mitigate these attacks.
As ransomware attacks continue to evolve, staying ahead of these threats is more important than ever. At GISEC GLOBAL 2025, happening from 6-8 May 2025, you’ll have the chance to learn from industry experts about how to defend against double extortion and other emerging cyber threats. With hands-on workshops and the latest technologies on display, GISEC GLOBAL is where you’ll find the tools to protect your business from ransomware.
Don’t wait—prepare now for the future of cybersecurity! 🛡️