UAE says national cyber defenses foiled AI-enabled attacks on vital systems

The UAE’s Cybersecurity Council and state news agency WAM said the country’s national cyber-defence system successfully foiled organised attacks that targeted digital infrastructure and vital sectors, according to media reports published Feb. 21–22, 2026. WAM described the incidents as "organised cyberattacks with a terrorist nature" that sought "to destabilise the nation and disrupt essential services."

The council’s statement, summarized by Reuters, said the attacks "included attempts to infiltrate networks, deploy ransomware and conduct systematic phishing campaigns targeting national platforms," and that the intrusions "involved artificial intelligence technologies to develop offensive tools." Reuters reported the account on Feb. 21; its coverage was credited to Ahmed Elimam with writing by Hatem Maher and editing by Peter Graff.

UAE statements carried by local and regional outlets also emphasized operational readiness. Khaleej Times and WAM said the national cybersecurity and cyber-defence system "operates around the clock with high efficiency, in cooperation with service providers, national and international entities, and specialised organisations," and benefits from "advanced international technological partnerships and expertise" to strengthen protection and recovery.

Authorities urged residents and businesses to adopt safer online habits and to report suspicious messages or activity through officially designated channels. With the start of Ramadan, the Jerusalem Post and other outlets relayed the council’s warning about increased phishing and donation-related fraud risks, noting that citizens were advised to follow "safe practices" online and report threats to preserve continuity of institutions.

The government did not name any perpetrators. "The report did not say who was to blame for the attacks," Reuters noted, and no independent technical analysis or external attribution was provided in the statements published to date.

Beyond immediate security claims, the episode spotlights growing public-health and social-equity implications of AI-enabled cyber operations. The council framed the threat in human terms, saying that "the safety of individuals, the protection of personal data, and the continuity of critical services remain top priorities." Any successful disruption to utilities, health records, emergency dispatch systems or supply chains can quickly translate into delayed care, unequal access to services, and outsized harm to older adults, low-income families and people reliant on digital-only service channels.

The UAE’s account also included assessments that the use of AI in offensive tools marks a shift in adversaries’ capabilities. As the council put it through regional outlets, attackers "also exploited AI technologies to develop complex offensive tools, a significant advancement in terrorist groups' methods and capabilities." That claim, if substantiated by technical evidence, would heighten the urgency for cross-border cooperation on threat intelligence, stronger minimum standards for critical infrastructure providers, and routine independent audits of resilience for hospitals and other essential service operators.

Key gaps remain. Officials have not released timelines, affected organisations by name, technical indicators, or forensic evidence demonstrating AI-specific techniques. Journalists and independent cyber‑security firms will seek those details to validate the scale and novelty of the threat and to advise proper mitigations. For now, the UAE’s public advisory focuses on vigilance: report suspicious activity, verify donation requests, and maintain basic cyber hygiene as national authorities continue investigations and recovery efforts.