April to May 2025 saw a record 236% spike in distributed denial of service (DDoS) attacks across the Middle East and North Africa (MENA), according to a multisectoral analysis of government and private sector infrastructures.1 Beyond productivity and financial impact, DDoS attacks can cause the collapse of health and safety mechanisms that result in physical harm to people.
The MENA Cyber Summit 2025 Annual Report highlights various sectors with vulnerabilities - the energy and manufacturing sectors are a case in point.2 In 2017, Triton malware targeted safety instrumented systems (SIS) in a Saudi petrochemical facility, disabling controls and risking explosions or loss of life if not contained.3 While the attack triggered an emergency shutdown without immediate casualties, it underscores the potential for catastrophic failures in MENA's industrial infrastructure, such as overridden emergency systems that can rapidly lead to fires or the release of toxic chemicals.
Other regions have been less lucky. A 2023 study by the University of Minnesota demonstrated that hospitals in the United States hit by ransomware saw a 20-35% rise in in-hospital deaths due to delayed care and operational disruptions.4 Now, with sustained, worldwide, geopolitical tensions and the potential for cyberwarfare, the MENA region has become increasingly exposed to bodily injury as a result of cyber-physical attacks.
How Cyber Attacks Can Endanger Life
When hackers exploit online weaknesses to interrupt or destroy real equipment and infrastructures, they often do so by overriding controls or safety features in important setups. For instance, manipulation of industrial control systems (ICS) or SCADA can disable emergency shutdowns, leading to explosions or jet fires in gas-based operations. Ransomware might halt mechanical components like drilling rigs or automated cranes, causing crushing injuries from uncontrolled machinery.
Furthermore, sensor spoofing could mislead operators about pressures or temperatures, resulting in burns from overheated equipment, exposure to toxic gases in chemical plants, or broken bones from failed safety locks. In water systems, this could mean exposure to chemical contamination, while in shipping networks, such spoofing could cause collisions resulting in serious injuries.
The Changing Nature of Physical Attacks
The advanced digitisation of GCC countries’ infrastructures and supply chains also exacerbates risk, particularly because of their highly digitized energy and manufacturing infrastructure and heavy reliance on automated systems for utilities and transport. These sectors are heavily reliant on human labour as part of their operations, leaving employees increasingly vulnerable to bodily harm as a result of cyber-physical attacks.
But which sectors are demonstrating particular risk? Analysis from the MENA Cyber Summit5 places government at the top of the pile of most targeted industries by cyber attackers (22%), followed by manufacturing (16%), mass media (13%), services (9%) and IT (7%). The top ten most targeted industries also include science and education, transport, finance, telecommunications, and trade. Recent incidents amplify this: in 2022, cyberattacks disrupted Iran’s steelmakers, damaging equipment and halting production; historic Shamoon attacks in Saudi Arabia in 2012 destroyed data and forced recovery in the energy sector. Reports show growing vulnerability in Saudi Arabia’s industrial facilities, with increased focus on ICS in the GCC.6
Solutions and Next Steps
With the Middle East’s pivotal role in global trade, finance, energy and manufacturing, it is essential that organisations act proactively to protect themselves against the blended threat of cyber-physical attacks that can cause both financial and human harm.
Insurance should form a core part of this protection strategy. Traditional property and liability policies often exclude cyber-related physical damage or injury, leaving critical gaps when systems fail due to a digital cause. Modern, affirmative cyber-physical damage policies bridge this gap, responding not only to business interruption and asset damage but also to bodily injury, environmental impacts and health claims arising from cyber incidents.
Equally, effective coverage is only as strong as the risk management behind it. Working with specialist cyber insurance brokers and risk advisors ensures that organisations benefit from both technical insight and tailored insurance design combining:
OT system and safety control reviews.
Employee awareness and industrial safety drills.
Vendor and supply chain risk assessments.
Specialist breach response, engineering and public relations (PR) support networks.
By adopting this combined approach of robust cyber risk management paired with comprehensive, fit-for-purpose insurance, firms can build a more resilient, future-ready defence framework. The outcome is not only compliance or continuity, but a safer workforce, stronger governance and measurable operational resilience across the industrial landscape.
Cyber-physical risk cannot be eliminated, but it can be understood, managed and insured therefore turning vulnerability into resilience.
1 Cyberstorm in MENA: DDoS Atack Report for Q2 2025 (opens a new window)
2 MENA Cyber Summit 2025 Annual Report (opens a new window)
3 MENA Cyber Summit 2025 Annual Report (opens a new window)
4 Hacked to Pieces? The Effects of Ransomware Attacks on Hospitals and Patients (opens a new window)
