Cyber Incident Victim: Central Bank of Trinidad and Tobago
Date:
May 2016
Location:
Trinidad and Tobago
Summary
The Central Bank of Trinidad and Tobago was targeted in a series of distributed denial-of-service (DDoS) attacks as part of Operation OpIcarus, a campaign by the hacktivist group Anonymous and affiliated entities like Ghost Squad. The attacks, which peaked at 250 Gbps, forced the institution's website offline for several hours alongside multiple other global financial entities. Anonymous cited motivations including solidarity with global protest movements and retaliation against government crackdowns on hacktivists, emphasizing their resistance through disruptive actions against symbolic financial infrastructure. The incident was part of broader efforts impacting numerous central banks worldwide, with services restored following the attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On May 13, 2016, the Central Bank of Trinidad and Tobago experienced a distributed denial-of-service (DDoS) attack as part of Anonymous’ Operation OpIcarus campaign. The attack coincided with simultaneous assaults on four other financial institutions: the Bank of France, Central Bank of the United Arab Emirates, Central Bank of Tunisia, and Philippine National Bank. Anonymous and affiliated hacker group Ghost Squad executed these attacks using high-volume traffic floods reaching 250 gigabits per second (Gbps), overwhelming the banks’ web infrastructure. The Central Bank of Trinidad and Tobago’s website was forced offline for multiple hours due to the sustained attack intensity, disrupting public access to its online services. This incident occurred during a weekend, a pattern consistent with OpIcarus’ strategy of targeting financial institutions during non-peak business periods.
Operation OpIcarus, relaunched in March 2016, specifically targeted central banks and monetary authorities globally as a protest against perceived economic inequality and government oppression. The May 13 attacks represented an escalation in the campaign’s scope, marking the first time Trinidad and Tobago’s central bank was impacted. Anonymous publicly claimed responsibility through communication with media outlet HackRead, framing the attacks as acts of solidarity with global protest movements like France’s #NuitDebout demonstrations. While the Philippine National Bank attack explicitly supported the #FreeAnons campaign protesting hacker arrests, the Central Bank of Trinidad and Tobago’s targeting appeared linked to the operation’s broader anti-establishment objectives. All affected banking websites, including Trinidad and Tobago’s, were restored to normal operation within hours of the attacks. The incident formed part of a documented pattern of OpIcarus strikes against over 15 central banking entities between March and May 2016, including prior targets in Jordan, South Korea, Greece, and Cyprus.