Positive Technologies: individuals and online stores are the main targets of data breaches in Egypt

Positive Technologies analyzed  cyberthreats faced by organizations and citizens of the Arab Republic of Egypt in 2024. The researchers found that computers, network equipment, and individuals were the primary targets of cyberattacks in the country. An analysis of the dark web revealed that half of all stolen confidential information was made up of personal data and trade secrets.

In 2024, Positive Technologies uncovered over a hundred listings on dark web forums offering stolen databases for sale or free distribution. These databases contained confidential information belonging to Egyptian citizens and organizations. The most frequently stolen information included personal data (23%) and trade secrets (27%).

Most of the reports about data breaches involved individuals (40%), followed by e-commerce (22%), as well as the service and transportation sectors (10% each). One post, for example, advertised the sale of personal data of 85 million Egyptian citizens. Another post offered the database of a major supplement store, containing 600,000 customer records. The high number of posts related to e-commerce is due to the rapid growth of this sector, including a rise in clients and businesses.

Egypt is a regional leader in digital technology. Between 2022 and 2024, the number of internet users in the country increased by 6.3 million, exceeding 82 million. According to the 2023–2024 report by the International Telecommunication Union, Egypt was one of 12 nations to receive the highest rating in the Global Cybersecurity Index.

Positive Technologies analyst Alexey Lukash, said: “Our research revealed that Egypt faces a number of serious challenges despite its significant achievements in digitalization and leading positions in cybersecurity rankings. The rapid digital transformation, driven by the government, has made Egypt an attractive target for cybercriminals, as evidenced by the variety of attack methods used and the data uncovered on the dark web”.

According to experts, more than half of all cyberattacks (56%) target computers and network equipment. For example, in March 2024, a major DDoS campaign by a hacktivist group targeted the two largest mobile operators in the country, leaving millions of users without connection. In second place among attack targets are individuals (39%), the most vulnerable link, and in third are mobile devices (6%).

The main methods of attacks were social engineering and malware, each accounting for 36% of cases. In 16% of cyberattacks, hackers exploited vulnerabilities. Throughout 2024, hackers employed a double extortion tactic in attacks on Egyptian organizations: they used malware to encrypt victims’ data and then stole confidential information, threatening to release it unless a ransom was paid.

To effectively combat cyberthreats, experts recommend improving employees’ digital literacy and fostering a strong cybersecurity culture within organizations. To enhance cyber resilience, reduce cybersecurity incidents in Egypt, and strengthen the country’s standing in international rankings, organizations must adopt modern solutions, such as web application firewalls (WAFs) to protect web resources and network traffic analysis (NTA) systems for proactive cyberthreat hunting within their networks.