Cyber Incident Victim: Kuwait National Assembly

On November 26, 2016, coinciding with Kuwait’s parliamentary elections, hackers identifying themselves as "Group_Dmar" defaced the official website of the Kuwaiti National Assembly. The attackers replaced the main page with a message in Arabic directed at lawmakers and the public. The primary accusation targeted Abdul Hamid Dashti, a sitting member of parliament, whom the hackers labeled an Iranian agent. The message alleged possession of secret communications between Dashti, Iranian officials, and the Syrian government, threatening to release these recordings publicly. It explicitly warned Dashti against targeting Saudi Arabia, stating, "the people and government of the Kingdom of Saudi Arabia are a red line not to be crossed." This reference aligned with prior tensions, as Saudi Arabia had formally requested Kuwait prosecute Dashti in 2015 for repeatedly insulting the kingdom through media statements. Dashti had also drawn criticism for meeting with relatives of Imad Mughniyah, a deceased commander of the Iran-backed militant group Hezbollah.

The defacement further urged Kuwaiti MPs to address systemic grievances affecting the Bidoon community—stateless residents denied citizenship rights despite generations of residence. The hackers’ message emphasized their lack of access to education and healthcare, questioning, "When will their suffering end?" This advocacy referenced a longstanding domestic issue, with over 110,000 Bidoon residing in Kuwait per regional reports, though the government recognized only 34,000 as potentially eligible for citizenship. Authorities maintained the remainder were economic migrants from neighboring states without legitimate claims to nationality. The attack disrupted the parliamentary website during a high-profile election but did not include additional technical details regarding intrusion methods, data compromise, or restoration efforts. No subsequent leaks of the alleged recordings were documented in the available source material.