A Series of DDoS Attacks Target Key Institutions
Cyprus has successfully repelled a series of coordinated cyberattacks targeting several key government and private sector institutions over a three-day period. The attacks, primarily Distributed Denial of Service (DDoS) attacks, aimed to disrupt online services and access to sensitive information. While the attacks caused temporary service interruptions in some cases, Cypriot authorities and the affected organizations effectively mitigated the threats, ensuring the continued operation of essential services.
Government Portal Under Siege
On October 20th, 2024, the Cyprus government portal, gov.cy, became the target of a DDoS attack. The Deputy Ministry of Research, Innovation, and Digital Policy issued a statement confirming the incident. “The attempt by the hackers had to do with the accessibility of Government websites and the information available on those websites, but it was not successful,” the DepMin explained. The attack, lasting only a few minutes, was successfully repelled thanks to the swift and coordinated response of involved services. Importantly, no other government websites or online services were affected, and no data breaches occurred. The DepMin emphasized that “This type of attack is called DDOS (distributed denial of service attack) and no breach has been achieved,” reassuring citizens that their data remained secure. All services, the statement added, remain on high alert.
Private Sector Targets: Cyta, Bank of Cyprus, and Hermes Airports
The attack on the government portal was not an isolated incident. The previous days saw a wave of similar attacks targeting prominent Cypriot organizations. On October 19th, Cyta, the Cyprus Telecommunications Authority, experienced a DDoS attack. While the attack caused a temporary outage of their website, Cyta’s President of the Board of Directors, Maria Tsiakka Olympiou, confirmed to the Cyprus News Agency (CNA) that the organization effectively handled the incident and its operations remained unaffected. “Cyta’s website was down for some time, because of the attack, but the organisation dealt with the incident effectively and it remains vigilant,” she stated.
The Bank of Cyprus also faced a DDoS attack on the afternoon of October 18th. In a press release, the bank announced that the attack, which aimed to render its websites inaccessible, was successfully thwarted. “The attempt was successfully thwarted and the websites are up and running,” the statement read.
Adding to the series of attacks, Hermes Airports, the operator of Larnaca and Paphos airports, also reported an unsuccessful cyberattack targeting its website on October 18th. Maria Kouroupi, Hermes’ Aviation Development and Communications Director, reassured the public that the airports’ operations remained unaffected, as the website is not connected to the airports’ operational systems.
Sixth Attack in Three Days Highlights Growing Cyber Threat
The attack on the government portal marked the sixth cyberattack in Cyprus within a three-day period. This surge in cyberattacks underscores the increasing sophistication and frequency of these threats and highlights the importance of robust cybersecurity measures for both public and private sector organizations in Cyprus. The successful defense against these attacks demonstrates the resilience of Cypriot cybersecurity infrastructure and the effectiveness of coordinated responses. However, the events serve as a stark reminder of the ongoing need for vigilance and continuous improvement of cybersecurity defenses to protect critical infrastructure and sensitive data.
The recent wave of cyberattacks in Cyprus tested the nation’s cybersecurity capabilities. The successful mitigation of these attacks, particularly the coordinated response to the DDoS attacks targeting the government portal and key private sector entities, showcases the preparedness and effectiveness of Cypriot authorities and organizations in defending against sophisticated cyber threats. While the attacks caused temporary disruptions, the swift and decisive actions taken prevented significant damage and data breaches. This experience underscores the importance of proactive cybersecurity measures, continuous monitoring, and robust incident response plans to effectively counter the ever-evolving landscape of cyber threats.
