Cyber Incident Victim: Agence Marocaine De Presse
Date: Feb 2023
Location: Morocco
Summary
The Moroccan Press Agency (MAP) experienced a severe distributed denial-of-service (DDoS) attack targeting its websites. Malicious traffic saturated its internet bandwidth and caused significant access disruptions. Technical teams identified the abnormal traffic surge, established a crisis response unit with partners to prevent full outages, and strengthened existing security protocols while engaging the national cybersecurity oversight body for support. Mitigation efforts focused on maintaining partial service continuity and hardening defenses against further disruptions.
Description
The Agence Marocaine De Presse (MAP) experienced a significant cyber incident impacting its websites beginning on or around February 12, 2023, identified as a distributed denial-of-service (DDoS) attack. This sustained assault generated abnormally high traffic volumes that overwhelmed the internet bandwidth supporting MAP's web infrastructure, leading to severe accessibility disruptions for legitimate users attempting to access its online services. Technical staff at MAP detected these anomalous network flows saturating their connections and directly linked the performance degradation to malicious external activity rather than internal technical failures. The attack occurred against a backdrop of regional geopolitical tensions, though no specific threat actor group or motivation was formally attributed within available reporting. MAP's operations team responded by documenting the incident parameters and escalating it to Morocco's national cybersecurity authority, the MACERT (Computer Emergency Response Team) under the Directorate General of Information Systems Security (DGSSI), for assistance in analysis and coordinated defensive measures.

Upon confirming the DDoS attack pattern, MAP engineers activated a crisis management unit collaborating with technical partners to implement immediate mitigation strategies aimed at preventing complete service outage. Their countermeasures focused on bolstering existing security configurations while strategically rerouting or filtering malicious traffic to preserve partial website functionality amid the ongoing bombardment. The intensive nature of the attack required continuous adjustments to network defenses to manage fluctuating threat volumes without disrupting core publishing operations. As a denial-of-service incident, the primary objective observed was resource exhaustion—flooding MAP’s servers with spurious requests to block authentic user access rather than data theft or system infiltration. Resolution efforts prioritized service restoration through traffic normalization while maintaining public communications capabilities. No data breaches or secondary attack vectors beyond the DDoS were reported during this incident period.
