Critical sectors in Cyprus targeted in a major cyberattack

October 21, 2024
Cyprus Cyberattack Middle East Dark Web Threat Alert Hackers

On October 21, 2024, several notorious hacking groups launched a coordinated cyberattack on critical infrastructure in Cyprus, specifically targeting its renewable energy sector and research organisations. The attack was carried out by an alliance of cybercriminals, including LulzSec Black, Moroccan Soldiers, Black Maskers Army, ANONYMOUS SYRIA, and Anonymous Collective.

Researchers discovered the planned attack through a routine manual scan of threat actors’ Telegram channels. This activity led to the identification of multiple groups’ discussions, which revealed that the cyberattack was initially planned for October 17, 2024, but was postponed. The delay was reportedly due to the assassination of Al-Isnuar, a key figure, prompting the groups to adjust their timeline.

 

The Cyprus cyberattack targeted energy and research sectors, motivated by its relationship with Israel, which exposed cybersecurity vulnerabilities.

 

The primary targets of this attack were Cyprus’ renewable energy infrastructure, represented by the website jpbenergy[.]com, and the country’s research and innovation sector, including the domain research[.]org[.]cy. As of October 21, the threat actors claimed to have disabled the servers of both organisations, sending a clear message that this was merely a warning shot, potentially signalling a broader offensive against Cyprus’ digital infrastructure.

According to the attackers, one of the primary motivations for the cyberattack was geopolitical, specifically the connection between Israel and Cyprus. Politically motivated attacks complicate matters further and raise questions about the country’s cybersecurity framework’s persistent vulnerabilities.

Odyssey, a prominent cybersecurity firm in Cyprus, issued a statement acknowledging the attack and its implications. The company confirmed that government agencies had been on high alert since October 17, when the first announcements of the attack surfaced on dark web forums. Despite the delay in the actual launch of the attack, Odyssey stressed that this incident highlighted the need for heightened security measures across critical infrastructure sectors.

In their statement, Odyssey assured the public and affected organisations that they were working closely with government agencies to monitor the situation and prevent further damage. “We take this threat seriously and are employing all available resources to mitigate any potential risks,” the company said. Additionally, they urged businesses and people to maintain vigilance and take the necessary precautions to safeguard their systems.

As the situation continues to develop, experts warn that this may only be the beginning of a larger campaign targeting Cyprus’ digital landscape. The involvement of multiple cybercriminal groups underscores the seriousness of the threat. Authorities are advising organisations to strengthen their cybersecurity defences, including updating systems, improving network monitoring, and preparing for potential follow-up attacks.

Critical infrastructure sectors are being closely monitored as this politically motivated cyberattack develops, and the cybersecurity community in Cyprus is on high alert. As the threat landscape changes, protecting the country’s digital assets will require cooperation between public and private institutions.

About the author