Cyber Incident Victim: Saudi Ministry of Defense

On January 3, 2016, the official website of the Saudi Ministry of Defense became inaccessible following a distributed denial-of-service (DDoS) attack conducted by unidentified hackers. The attack persisted for over 24 hours, with the website remaining offline as of January 4 when reports confirmed the incident. Iranian news agency Fars attributed the attack to Saudi hackers protesting the execution of prominent Shiite cleric Sheikh Nimr Baqir al-Nimr, though no group claimed responsibility or maintained identifiable social media channels to substantiate this claim. The cyber incident occurred amid heightened tensions between Saudi Arabia and Iran following Saudi Arabia’s execution of 47 individuals on terrorism charges, including al-Nimr and al-Qaeda figure Faris al-Zahrani. Saudi Arabia’s additional plan to crucify Mohammed al-Nimr—arrested at age 17 for alleged anti-government activities—had previously provoked hacktivist collective Anonymous to target Saudi government websites in protest.

The Ministry of Defense website outage represented an escalation in ongoing cyber hostilities between Saudi and Iranian actors. Prior incidents included Iranian hackers defacing the Saudi Royal Air Force website and Yemen Cyber Army’s leak of confidential Saudi Foreign Affairs data. Saudi-aligned hackers retaliated by breaching Iran’s Defense Ministry website and social media accounts of a state-owned Iranian TV channel. No technical details regarding attack vectors, mitigation efforts, or restoration timelines were disclosed for the Ministry of Defense incident. The prolonged downtime demonstrated operational disruption, though the scope of impact beyond public accessibility remains unverified. Historical precedents suggested geopolitical grievances frequently motivated such attacks, with hacktivist and state-aligned groups targeting critical government infrastructure during diplomatic crises.