Dubai – Cybercriminals are rapidly adapting to generative artificial intelligence (AI) tools, allowing them to launch sophisticated cyberattacks in Arabic, a trend that is becoming increasingly prevalent, according to a top cybersecurity official.
Sumit Dhawan, CEO of cybersecurity firm Proofpoint, warned that Arabic-language cyberattacks have surged in recent years, making Arabic one of the top three languages used in cybercrime.
Speaking at a conference organized by Proofpoint in Dubai, Dhawan highlighted that the rise of AI-powered language models has eliminated previous language barriers for cybercriminals, enabling them to craft highly targeted and convincing attacks.
“Arabic language attacks are more common than they were before,” Dhawan said in an interview with Khaleej Times.
“Multi-channel attacks are no longer limited to email. Some attacks transform themselves—harmless when delivered but becoming harmful when clicked on. We have solutions that are language model-based and can detect multi-channel attacks in Arabic.”
The increasing sophistication of these attacks is linked to AI’s ability to generate more personalized and localized content.
Dhawan emphasized that mass phishing emails are no longer as effective for cybercriminals. Instead, targeted attacks in Arabic, which cater to the linguistic and cultural context of the region, are proving to be more successful.
AI Fuels the Rise of Localized Cyberattacks
Dr. Mohamed Al Kuwaiti, chairman of the UAE Cyber Security Council, also addressed the conference, revealing alarming statistics on cyber threats in the region.
He noted a 32% increase in ransomware attacks and an 18% rise in DDoS (Distributed Denial of Service), phishing, and other cyber threats.
Al Kuwaiti attributed this surge to the use of AI-driven tools by threat actors, making it easier to generate attacks in Arabic and other local languages.
“Language and geography are no longer barriers to running sophisticated attacks because of the emergence of language-based AI models,” Al Kuwaiti stated.
He warned that cybercriminals are using AI to continuously refine and rewrite phishing messages, making them more deceptive.
As a countermeasure, he stressed the importance of developing intent-based detection models to identify threats, rather than relying solely on traditional keyword-based cybersecurity solutions.
“This is going to be the future of cybersecurity. Intent detection is built into our solutions and will be implemented in the UAE in the coming weeks,” Al Kuwaiti added.
Cyber Awareness and Human Vulnerabilities
Beyond technological solutions, cybersecurity experts at the conference underscored the critical role of human awareness in combating cyber threats.
Al Kuwaiti stressed that while data breaches often involve sophisticated hacking techniques, human error remains a major vulnerability.
“Data doesn’t have legs. It’s the people who leak information,” he said, emphasizing the need for cybersecurity training and awareness programs for employees.
As cybercriminals continue to leverage AI to expand their attacks in Arabic and other languages, cybersecurity firms are shifting their focus to preemptive, intent-based solutions.
Experts warn that businesses and individuals must remain vigilant, adopt advanced security measures, and invest in cybersecurity awareness to mitigate the growing risks posed by AI-driven cybercrime.