UAE SMEs Face Rising Cyberattacks This Eid as AI-Powered Threats Scale Up, Warns Secure.com
Secure.com CEO Uzair Gadit warns that UAE SMEs face their highest cyber risk exposure during Eid, with AI-powered attacks scaling rapidly and 77% of UAE businesses that experience a breach forced to spend months rebuilding customer trust.

Small business owner in Dubai reviewing a cybersecurity alert on a laptop screen at night
As the UAE enters the Eid Al Adha holiday period, cybersecurity professionals are raising a warning that has become increasingly familiar: peak commercial seasons are peak attack seasons, and the country's small and medium sized enterprises remain the most exposed and least protected segment of the digital economy.
Uzair Gadit, Chief Executive of Secure.com, the Dubai based cybersecurity startup that recently raised $4.5 million to deploy AI powered security agents for lean organisations, has issued a direct message to UAE business owners ahead of the break. The assumption that small businesses are too insignificant to attract criminal attention is not only wrong. It is precisely the vulnerability that attackers exploit.
"Attackers don't look at size, only at weak points," Gadit told Gulf Business. "With automation tools now prevalent, they run their scripts at scale. Small business owners should re-evaluate that position. Their size doesn't make them invisible; it can actually make them easier to exploit."
The threat environment supporting that warning is unambiguous. The UAE Cybersecurity Council has confirmed 128 cyber threat incidents targeting entities across the country since the start of 2026, with authorities blocking between 90,000 and 200,000 breach attempts every single day. A significant proportion of those incidents involved the exploitation of artificial intelligence technologies to develop sophisticated offensive tools, reflecting what the Council has described as a qualitative shift in the methods and ambitions of threat actors operating against UAE infrastructure.
Why Eid concentrates the risk
The mechanics of why peak commercial periods create elevated cyber risk are well understood, even if too rarely acted upon. During Eid, transaction volumes surge. Online retail activity spikes, with fashion purchases rising by as much as 46 per cent, digital storefronts expand, temporary staff are onboarded to cover demand, and new payment integrations are layered onto existing infrastructure to handle throughput. Each of these changes quietly widens the attack surface at precisely the moment when security teams are at their thinnest.
For a small business in Dubai operating on a lean team, new payment gateway integrations, expanded e-commerce functionality, and temporary staff with minimal cybersecurity awareness represent three simultaneous vectors that attackers can probe at scale using automated tools, without any human effort on their end until a target is confirmed.
The UAE Cybersecurity Council has previously warned that unsupervised IT networks and systems during holiday periods provide greater opportunity for criminals to operate. This risk is structurally embedded in any organisation that reduces its security oversight during a peak commercial window.
The real cost of a breach
Gadit grounds his warning in data that should concern any SME leadership team. Research published by Mastercard across more than 1,000 UAE SMEs found that 77 per cent of those that experienced a cyberattack were forced to spend significant time rebuilding trust with customers and partners. A quarter filed for bankruptcy. Nineteen per cent were forced to close their businesses entirely.
For a small retailer whose Eid trading period may represent a disproportionate share of annual revenue, a ransomware attack that locks point of sale systems, order management tools, and customer databases simultaneously can translate into losses that are not recoverable within a single trading cycle. The financial impact is immediate. The reputational impact persists far longer. When customer payment data is compromised, partners question reliability, and regulators across the Gulf region may require formal disclosure, compounding the cost of the original incident.
The same Mastercard study found that 47 per cent of UAE SMEs have already experienced at least one cyberattack, with malware, digital skimming, and phishing among the leading vectors. The UAE was the only country in the study where digital skimming ranked among the top five threats, reflecting the concentration of e-commerce activity and the sophistication of financially motivated groups operating in the region.
The assumption that scale provides protection
Gadit identifies one belief as particularly dangerous to the SME community: the conviction that operating at small scale confers a form of digital obscurity. Attackers running automated, AI powered campaigns at scale do not perform manual reconnaissance of individual businesses before deploying their tools. They scan for vulnerability signatures, open ports, unpatched software, misconfigured payment integrations, and weak credentials. A small retailer with an unpatched e-commerce plugin presents the same detectable weakness as a mid-market firm and is considerably less likely to have the detection capability to notice when that weakness is being probed.
"For criminals running automated, increasingly AI powered campaigns, dozens of under-protected SMEs make an easier prize than one well-defended enterprise," Gadit said.
As the UAE Cybersecurity Council's own data confirms, AI enabled attacks against UAE entities are already a documented reality in 2026. For enterprise security leaders across the GCC, this carries implications that extend beyond the SME segment itself. Supply chain risk now functions as a board level concern, and SME suppliers operating with weak security postures represent genuine exposure for the larger organisations they serve.
A practical path forward
Gadit's response to this threat environment is framed around operational capacity rather than capital intensive infrastructure overhauls. Secure.com's Digital Security Teammates model is designed to function within a small retailer's existing technology stack, automating alert triage and surfacing genuine threats without requiring a dedicated security operations team. Early deployments across finance, healthcare, and technology sectors have demonstrated 70 per cent faster threat detection and 50 per cent faster incident resolution, metrics that matter in a sector where a few hours of downtime during peak trading can determine whether a season is profitable.
For SMEs that cannot justify an enterprise security investment, Gadit outlines four practical priorities that do not require large budgets. Endpoint protection forms the technical foundation, ensuring that every device connected to business systems carries current, active protection. Cybersecurity training focused on finance and operational staff addresses the human exposure that phishing attempts and payment fraud schemes exploit most effectively during high transaction periods. Tested and regularly verified backups stored separately from primary systems eliminate the leverage that ransomware operators depend upon. A documented incident response plan, even a simple one page protocol, gives a team a clear path from detection to recovery without having to improvise under pressure.
"Practical preparation doesn't require an unlimited budget," Gadit said. "It requires the right tools, applied intelligently and matched to the scale and risk profile of the business. SMEs that act now, before the next peak season, will be in a fundamentally stronger position than those who treat this as someone else's problem."
With Eid Al Adha upon UAE businesses and the summer trading period ahead, the window for preparation is short. For organisations already navigating the UAE's evolving cybersecurity regulatory environment, the message from Secure.com is unambiguous: the time to act is before the season ends, not after the breach report is filed.
Omar Al-Hakeem
Senior Cyber Threat Analyst | MENA RegionOmar Al-Hakeem is a cybersecurity researcher specializing in threat intelligence, ransomware trends, and nation-state activity across the Middle East and North Africa. With over 12 years of experience in SOC operations and incident response, he provides deep technical breakdowns of emerging attacks and regional cyber risks. At MENA Cyber Wire, Omar focuses on real-world threat analysis and actionable defense strategies for enterprises and startups.