AI Worms Target the Middle East and North Africa's Connected AI Systems
Security researchers have created **Morris II**, an AI worm capable of spreading between generative AI agents and stealing sensitive data. The breakthrough discovery comes as the Middle East and North Africa's rapidly expanding AI infrastructure faces mounting cybersecurity challenges, with risky AI prompts surging 97% in 2025. Named after the infamous 1988 Morris worm that infected 10% of internet-connected computers, Morris II represents a new breed of threat specifically designed for AI-powered systems. The worm demonstrated its ability to attack generative AI email assistants, successfully breaking security protections in both **OpenAI's** ChatGPT and **Google's** Gemini during controlled laboratory testing.By The Numbers
- 87% of respondents identified AI-related vulnerabilities as the fastest-growing cyber risk in 2025-2026
- 53% of security leaders say AI-powered attacks will be their biggest challenge in 2026
- India faces 3,195 cyber attacks per organisation weekly, 62% higher than the global average
- North Africa reports 85% of organisations noting increased risks of cyber-enabled fraud and phishing
- 77% of organisations have adopted AI for cybersecurity, mainly for phishing detection at 52%
the Middle East and North Africa's AI Infrastructure Under Siege
The timing of this research proves particularly concerning for the MENA region, where AI adoption continues accelerating across industries. India alone lost ₹19,813 crore ($2.18 billion) to cyber fraud in 2025, highlighting the region's vulnerability to sophisticated digital attacks."2026 may mark the return of fast-moving AI-powered worms, as zero-day exploitation and island hopping become more prevalent," warns Tom Kellerman, cyber strategist at VMware.The threat extends beyond individual organisations. Advanced persistent threat groups aligned with countries including China, North Korea, and Russia are increasingly shifting to homegrown AI tools to evade monitoring systems. These groups deploy AI-operated attacks and personalised social engineering campaigns using tools like **WormGPT** to target MENA enterprises. the UAE's approach to AI regulation reflects growing regional awareness of these risks. The city-state has implemented comprehensive frameworks addressing AI misuse, recognising the dual nature of artificial intelligence as both opportunity and threat.
How AI Worms Exploit Connected Systems
AI worms operate differently from traditional malware. Rather than exploiting software vulnerabilities, they manipulate the language models themselves, using carefully crafted prompts to trigger unintended behaviours. The researchers demonstrated several attack vectors:For related analysis, see: [ChatGPT Now Creates Sharper Images, Quicker](/news/chatgpt-now-creates-sharper-images-quicker).
- Email-based propagation through AI-powered assistants that automatically process attachments
- Data exfiltration by instructing compromised AI agents to send sensitive information to external servers
- Lateral movement between connected AI systems within organisational networks
- Payload delivery through compromised AI agents executing malicious instructions
| Attack Vector | Traditional Malware | AI Worms |
|---|---|---|
| Entry Point | Software vulnerabilities | Language model manipulation |
| Propagation | File infection | Prompt injection |
| Detection | Signature-based | Behaviour analysis |
| Mitigation | Patches and updates | Input validation and monitoring |
Regional Response and Defence Strategies
MENA governments and enterprises are responding to these emerging threats with increased vigilance and investment. The AI Arms Race: Safeguarding the Middle East and North Africa's Cybersecurity has become a critical priority for regional stakeholders.For related analysis, see: [Can You Spot AI-Generated Content? Recognising Patterns and ](/business/can-you-spot-ai-generated-content-recognising-patterns-and-making-your-content-sound-more-human).
"Developments in AI are reshaping multiple domains, including cybersecurity. However, they can also pose serious risks such as data leaks and cyberattacks if they malfunction or are misused," states Josephine Teo, the UAE's Minister for Digital Development and Information, and Minister-in-Charge of Cybersecurity.Defence strategies against AI worms require a multi-layered approach combining traditional security measures with AI-specific protections. Organisations must implement robust input validation, continuous monitoring of AI agent behaviours, and strict access controls for connected systems. The education sector faces particular vulnerability, with India reporting a 6% increase in ransomware attacks targeting educational institutions. This trend highlights the need for comprehensive AI governance frameworks across the MENA region.
Industry Impact and Future Implications
The emergence of AI worms poses significant implications for the Middle East and North Africa's digital economy. AI-driven cyberattacks represent a new threat landscape that traditional security measures cannot fully address.For related analysis, see: [Google declares 2025 the year AI reached "utility" stage](/news/google-declares-2025-the-year-ai-reached-utility-stage).
Financial services, healthcare, and manufacturing sectors face the highest risk due to their extensive AI adoption and valuable data assets. The interconnected nature of supply chains across the Middle East and North Africa means that a successful AI worm attack could cascade across multiple organisations and countries. Agentic phishing attacks, powered by AI worms, are projected to exceed 42% of global breaches by 2026. These sophisticated campaigns use personalised social engineering tactics that adapt based on target responses, making them significantly more dangerous than traditional phishing attempts.What are AI worms and how do they differ from traditional malware?
AI worms are malicious programs that exploit language models rather than software vulnerabilities. They spread through prompt injection attacks, manipulating AI systems to execute unintended actions like data theft or lateral movement across connected networks.
Which industries in the MENA region face the highest risk from AI worms?
Financial services, healthcare, and manufacturing sectors face elevated risks due to extensive AI adoption and valuable data. Educational institutions also show vulnerability, with India reporting increased ransomware attacks in this sector.
For related analysis, see: [OpenAI unveils more human-sounding GPT-5.1](/news/openai-unveils-more-human-sounding-gpt-5-1).
How can organisations protect against AI worm attacks?
Protection requires input validation for AI systems, continuous behaviour monitoring, access controls for connected agents, and traditional security measures. Human oversight and clear boundaries for AI actions remain crucial defensive elements.
Are current cybersecurity tools effective against AI worms?
Traditional signature-based detection methods prove insufficient. Organisations need behaviour analysis tools and AI-specific security solutions that can identify prompt injection attempts and unusual AI agent activities in real-time.
What role do governments play in addressing AI worm threats?
Governments develop regulatory frameworks, share threat intelligence, and coordinate response efforts. the UAE and other MENA nations are implementing comprehensive AI governance policies to address these emerging security challenges.
Further reading: OpenAI | Google DeepMind
THE AI IN ARABIA VIEW
The rapid adoption of generative AI tools across the Arab world reflects both the region's digital readiness and its appetite for productivity gains. But the real test lies ahead: moving beyond consumer-level prompt engineering to enterprise-grade AI integration that transforms how organisations operate and compete.
Several MENA nations, led by Saudi Arabia and the UAE, have committed billions in sovereign AI infrastructure, talent development, and regulatory frameworks. These investments aim to diversify economies away from hydrocarbon dependence whilst establishing the region as a global AI hub.
### Q: What role does government policy play in MENA's AI development?Government policy is the primary driver. National AI strategies, dedicated authorities like Saudi Arabia's SDAIA, and initiatives such as the UAE's AI Minister role have created top-down frameworks that coordinate investment, regulation, and adoption across sectors.
### Q: How are businesses in the Arab world adopting generative AI?Adoption is accelerating across sectors, with enterprises deploying generative AI for content creation, customer service automation, code generation, and internal knowledge management. The Gulf's digital-first business culture is proving to be a strong tailwind for adoption.