Cyber Incident Victim: General Directorate for Passports
Date:
Jan 2016
Location:
Saudi Arabia
Summary
Anonymous conducted cyber attacks against multiple Saudi government agencies, including the General Passports Service, in retaliation for the execution of a prominent Shia cleric and other prisoners. The hacktivist group temporarily disrupted services on high-profile websites such as the Ministry of Defense, Education, and Customs, with some remaining offline following the coordinated campaign under operations #OpSaudi and #OpNimr. The attacks echoed previous targeting of government sites over human rights concerns.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 2, 2016, the Saudi Arabian government announced the execution of 47 prisoners on terrorism charges, including prominent Shia cleric Sheikh Nimr Al Nimr, who had been arrested in 2012 for organizing anti-government protests. In response, the hacktivist collective Anonymous launched coordinated cyber attacks against multiple Saudi government websites under the campaigns #OpSaudi and #OpNimr, continuing previous activism against Al Nimr's prosecution. The attacks commenced shortly after the executions were publicized, with Anonymous-affiliated Twitter accounts announcing targets on January 3-4, 2016. Among the affected entities was the Saudi General Passports Service, whose website became inaccessible alongside critical infrastructure including the Ministry of Defense, Royal Air Force, Ministry of Education, Saudi Press Association, Customs Service, Ministry of Finance, and Ombudsman’s Office. This marked at least the second attack on the Defense Ministry’s digital assets within three days, as its site had already been offline since a prior disruption two days earlier.
The distributed denial-of-service (DDoS) attacks rendered multiple high-profile government services temporarily inoperable, disrupting public access to official portals. By January 5, 2016, when media documented the incident, some targeted websites had been restored while others remained offline, though specific restoration timelines for individual agencies weren’t disclosed. No data breaches or system compromises were claimed—Anonymous focused on temporary takedowns as symbolic protests against the executions. The collective’s social media channels circulated lists of targeted domains, emphasizing their opposition to Saudi Arabia’s judicial actions and prior threats against Al Nimr, whom they had defended since 2015 when he faced crucifixion charges. The incident demonstrated hacktivist capability to disrupt critical national infrastructure but did not involve permanent damage or theft of sensitive data from the passport service or other entities.