Cyber Incident Victim: Thadiq Principality

On January 16, 2014, hackers affiliated with the Syrian Electronic Army (SEA) breached and defaced 16 Saudi Arabian government websites. The compromised sites belonged to various administrative regions, including entities identified as principalities. Attackers replaced legitimate content with a political message condemning the Al Saud regime, accusing it of employing terrorist groups for covert operations. This defacement campaign operated under the hashtag #ActAgainstSaudiArabiaTerrorism. Administrators responded by taking all affected websites offline following the discovery of the breaches. The SEA did not disclose specific technical methods used to compromise the sites but emphasized their operations would continue despite infrastructure disruptions.

The incident occurred amid heightened tensions between Syrian and Saudi political factions. Concurrently, the SEA faced operational challenges as the Turkish hacker group Turkguvenligi had breached the SEA’s own website through its hosting provider. This forced the SEA to suspend their primary online presence while seeking alternative hosting. The group announced via social media that future attacks against unspecified targets would proceed as planned, though no additional Saudi Arabian entities were explicitly named in immediate follow-up threats. Website administrators maintained the affected principalities’ domains in an offline state during initial response efforts, with no public confirmation of full restoration timelines at the time of reporting. The SEA reaffirmed its intent to coordinate further activities through social media channels until securing new infrastructure.