According to a senior UAE government official, cyber attackers are utilizing ChatGPT to carry out ransomware attacks. Dr Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, highlighted this emerging trend during his keynote address at the 6th CSIS Cybersecurity Innovation Series Conference in Dubai. Attackers are employing various aspects of ChatGPT to design tools for launching attacks, such as reprogramming and incorporating ransomware scripts, as well as using it for email phishing and drafting malicious emails.
The official also emphasized that cybercriminals are increasingly leveraging artificial intelligence (AI) to conduct their malicious activities. The government has been actively countering cyberattacks and has successfully deterred and prevented infrastructure breaches in sectors including electricity, energy, transportation, aviation, education, and healthcare. Financial institutions have been a primary target for ransomware attacks, with the cloud being identified as an area where attackers exploit vulnerabilities.
Efforts to combat cyber threats involve imposing sanctions on ransomware attackers through collaborations with Interpol, European partners, and other stakeholders. While acknowledging the use of AI as a potential threat, the UAE government also employs AI technologies to safeguard its infrastructure. However, the official cautioned that technology can be both beneficial and detrimental depending on its application.
To promote a cybersecurity culture, the government has integrated cybersecurity into various aspects of life, including education. Curricula have been updated and aligned with cybersecurity and digital transformation objectives outlined in Vision 2030, Vision 2050, and Centennial 2071. Cybersecurity awareness campaigns, such as the launch of a new cyber pulse initiative, have been initiated to foster a greater understanding of cyber threats and preventive measures.
The official underscored the importance of community engagement and collective efforts in raising cybersecurity awareness to ensure comprehensive protection for all individuals and entities. Additionally, cloud security policies are in place, and highly skilled teams are continuously working to innovate and enact cybersecurity legislation.