Cyber Incident Victim: Telcotech

Date: Nov 2018

Location: Cambodia

Summary

Telcotech and several other major Cambodian internet service providers suffered significant disruptions due to large-scale distributed denial-of-service attacks, peaking at nearly 150Gbps and causing extended downtime and persistent slow connectivity for customers. The attacks, among the largest ever recorded in the country, overwhelmed infrastructure and forced providers to issue public acknowledgments of service degradation while implementing mitigation measures. Motives remained unclear despite speculation about potential inter-provider sabotage, with no associated ransom demands or political context identified during the incident.

Description

In early November 2018, multiple Cambodian internet service providers experienced severe distributed denial-of-service (DDoS) attacks that disrupted connectivity nationwide. The attacks began impacting EZECOM, SINET, Telcotech, and Digi customers around November 5-6, 2018, with peak disruptions occurring on Monday and Tuesday of that week. These constituted some of the largest DDoS attacks ever recorded in Cambodia's history, reaching volumes of approximately 150Gbps during the most intense periods. The sustained assaults caused full outages lasting up to 12 hours for some users, followed by persistent slow internet speeds throughout the week as smaller follow-on attacks continued. Connectivity charts from the period showed measurable dips in traffic and latency spikes across Cambodian networks. Local news outlets extensively covered the disruptions, highlighting the unprecedented scale of the attacks relative to previous incidents in the country.

Affected ISPs implemented varying response measures during the crisis. SINET issued a formal press release acknowledging technical difficulties and apologizing to customers, though without detailing specific mitigation strategies. EZECOM, despite operating its own DDoS mitigation services, required assistance from external cybersecurity partners to contain the attacks, drawing public criticism for this reliance. No threat actor claimed responsibility, and authorities reported no associated political motives, hacktivist demands, or ransom requests during or after the attacks. The incident drew comparisons to the 2016 Liberia ISP attacks conducted via paid botnet services, though no direct connection was established. Service restoration occurred gradually across providers, with full normalization taking multiple days due to the attacks' intermittent nature and high-volume bursts.
