Cyber Incident Victim: Bahrains international airport and state news agency

On February 14, 2023, hackers identifying as Al-Toufan ("The Flood" in Arabic) disrupted Bahrain’s international airport website and the state-run Bahrain News Agency (BNA) site. The airport website remained inaccessible for at least 30 minutes during midday, while BNA experienced intermittent outages. Al-Toufan published a statement claiming responsibility, framing the attack as support for Bahrain’s "oppressed people" during the 12-year anniversary of the 2011 Arab Spring uprising. The group shared images confirming 504 Gateway Timeout errors on both sites as evidence of the disruptions. Earlier that day, the same actors compromised Akhbar Al Khaleej, a pro-government newspaper, altering content on its platform before taking it offline entirely; the newspaper’s website remained inoperable through at least February 14. No technical details regarding attack vectors (e.g., DDoS, defacement tools) or specific infrastructure impacts were disclosed in available reporting.

The incident coincided with the anniversary of Bahrain’s 2011 protests, where the Shiite majority challenged the Sunni monarchy before a Saudi- and UAE-backed crackdown. Al-Toufan’s actions aligned with its historical pattern of targeting Bahraini government assets during politically sensitive periods, including prior attacks during November 2022 elections boycotted by banned opposition groups. Authorities did not issue immediate public statements regarding mitigation efforts, attribution, or system restoration timelines. The disruptions represented continuity in low-level cyber activism linked to Bahrain’s unresolved sectarian tensions, which have included state measures like imprisoning activists, mass citizenship revocations, and media suppression since 2011. Al-Toufan’s operational focus on symbolic timing and limited-duration outages suggested intent for psychological impact rather than persistent technical damage.