The May 2025 NESA Center Update focuses on cybersecurity regional trends.

The update also highlights January through March 2025 NESA Center programs and events, faculty and staff engagements, alumni contributions, and a calendar.

NESA Region Trends: Cybersecurity

• Surge in Infostealer Malware: The UAE experienced a notable increase in infostealer malware, with RedLine Stealer accounting for 69.9% of infections. This trend threatens personal and organizational data security, underscoring the urgent need for enhanced cyber defenses.
• Rise in Cyberattacks Targeting Critical Infrastructure: State-sponsored groups, particularly from Iran, intensified cyberattacks on critical infrastructure, including Israel’s railroad network, using sophisticated phishing campaigns to compromise electrical systems. These incidents reveal the growing vulnerability of critical systems and the rising stakes of cyber conflict in the region.
• Increased Cybersecurity Investments: Israel was the number two target in the world for hackers and malicious actors in 2024 with 1,550 cyberattacks, mostly from pro-Palestinian groups opposing Israel’s policies in the Middle East. Israeli cybersecurity firms raised $4 billion in 2024, more than double the previous year, driven by heightened demand for cloud and AI security solutions. This surge in investment highlights how geopolitical tensions are directly accelerating the development and adoption of advanced cybersecurity technologies in the region.
• Middle East Cybersecurity Landscape: As the Middle East (ME) expands its digital infrastructure, it faces growing cyber threats driven by economic modernization, technological growth, and geopolitical tensions. State-sponsored attacks, cybercrime, and hacktivism are rising, making robust cyber defense essential for regional and global stability. Three key cybersecurity trends threatening U.S. and ME partner nation security include increased state-sponsored cyberattacks, the rise of cybercrime and ransomware, and the exploitation of critical infrastructure vulnerabilities.

Iran, Israel, and Saudi Arabia conduct cyber operations targeting critical infrastructure and economies while also being targeted themselves. These attacks aim to disrupt regional stability and normalization efforts. Ransomware attacks are escalating across government, public, and private sectors, with critical infrastructure like energy grids and financial systems becoming prime targets for disruption and ransom demands. As ME digital infrastructure expands, sectors like energy, defense, and finance face growing cyber risks, particularly the oil and gas industry, which is vital to economies like Saudi Arabia and the UAE, and remains vulnerable to espionage and sabotage.

Three promising cybersecurity initiatives to enhance U.S.-partner nation ME regional security (2025–2030) may include strengthening cyber defense alliances, investing in advanced cybersecurity technologies, and developing regional cybersecurity talent. The U.S. should consider enhancing collaboration with ME nations through intelligence sharing, joint cyber exercises, and standardized protocols to bolster collective resilience. Technologies such as AI-driven threat detection and cloud security will be key to real-time defense and deterring evolving threats. Collaborative education initiatives and training programs with international institutions can support long-term workforce development. Overall, these efforts could represent a strategic shift from reactive defense toward a more proactive, alliance-based cybersecurity planning.

Read the full NESA Center Update report [PDF].

Read other NESA Center reports.

The views presented in this article are those of the speaker or author and do not necessarily represent the views of DoD or its components.