Cyber Incident Victim: Times of Malta
Date:
Feb 2024
Location:
Malta
Summary
Times of Malta endured a distributed denial-of-service attack that inundated its servers with millions of requests, leading to a 45-minute website outage during the early morning hours. The external assault, which involved no data compromise, surpassed existing security measures and is unprecedented for the nation's primary news platform. In response, enhanced protections including Cloudflare verification screens have been deployed, potentially reducing browsing speed, and the incident has been referred to law enforcement for investigation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the morning of February 6, 2024, cybercriminals launched a major Distributed Denial of Service (DDoS) attack against the Times of Malta website, beginning at approximately 6:00 a.m. The assault involved flooding the publication's servers with millions of synthetic access requests within a very short timeframe, a method designed to overwhelm system capacity and disrupt legitimate traffic. This attack was described as unprecedented for Malta's largest website. At its peak intensity, the volume of malicious traffic successfully breached the website's existing protective defenses, causing a complete outage for the site. For a 45-minute period during the morning, the Times of Malta was inaccessible to most readers as servers collapsed under the strain. While the active attack phase spanned several hours, from its start until it was brought under control around 9:30 a.m., the direct impact on end-users was limited to that shorter, significant downtime. The online editor, Bertrand Borg, confirmed that the attack was a purely external action and stated that no data breach or compromise of user information was suspected, as the objective was disruption rather than theft.
Following the incident, Times of Malta's technology team initiated immediate mitigation efforts to counter the flood of requests and restore service. The organization has since implemented additional, multi-layered protective measures to harden its defenses against any potential repeat attack. As part of these ongoing security protocols, IT personnel are continuously monitoring website traffic patterns to detect anomalies and enable swift intervention if necessary. Borg indicated that these heightened mitigation measures will remain in place for the foreseeable future, which may result in slightly slower browsing speeds for visitors. Users accessing the site might also encounter an unusual Cloudflare verification screen, which serves as an extra protective check to filter out automated attack traffic and make it more difficult for adversaries to flood the servers again. The publication has formally reported the cyberattack to Maltese police authorities, who have opened an investigation into the source of the attack, though no responsible party has yet been identified. The DDoS attack represents a common form of cyber aggression where compromised computer systems globally are commandeered to simultaneously target a single victim, creating a server overload analogous to a severe traffic gridlock.