Cyber Incident Victim: Kuwait Ministry of Finance

On September 18, 2023, Kuwait's Ministry of Finance reported a cyber attack targeting one of its systems during early morning hours. The ministry issued a public statement confirming the incident, noting that its operational continuity was unaffected and that normal work proceeded despite the breach. Immediate response protocols were activated, including existing cybersecurity protection systems and incident management procedures. The ministry did not disclose technical details about the attack vector, attacker identity, or specific compromised system but emphasized its focus on evaluating the severity and scope of the intrusion. No disruption to core financial operations or public services was acknowledged at this initial stage.

The ministry explicitly stated that salary transfer systems remained unaffected, mitigating concerns over payroll disruptions for government employees. While confirming the attack’s occurrence, officials provided no further specifics regarding data compromise, financial losses, or potential threat actors. Internal cybersecurity teams conducted ongoing assessments to determine the attack’s sophistication and impact level. No evidence of lateral movement beyond the initially breached system was disclosed publicly. The ministry maintained transparency about its containment efforts but did not reference external law enforcement or third-party cybersecurity collaboration in its initial communication.