Cyber Incident Victim: Guernsey Financial Services Commission
Date:
May 2016
Location:
Guernsey
Summary
The Guernsey Financial Services Commission was targeted in a distributed denial-of-service (DDoS) attack by hacktivist collective Anonymous and affiliated group Ghost Squad, causing temporary disruption to its online services alongside several international banking institutions. The attacks formed part of a broader campaign dubbed "Op Icarus," which aimed to disrupt financial entities globally, with motivations partially linked to exposing corruption highlighted in the Panama Papers leak. Anonymous claimed responsibility for targeting over 160 banks and financial organizations during this coordinated effort, temporarily disabling websites through volumetric attacks but without reports of data compromise or persistent operational damage.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On May 6, 2016, the Guernsey Financial Services Commission experienced a distributed denial-of-service (DDoS) attack that temporarily disrupted access to its official website. This incident occurred as part of a coordinated campaign dubbed "Operation Icarus," orchestrated by the hacktivist collective Anonymous in collaboration with Ghost Squad Hackers. The attackers simultaneously targeted eight international financial institutions, including the Central Bank of the Dominican Republic, the Central Bank of Maldives, and the Dutch Central Bank, all of which suffered temporary website outages on the same day. The National Bank of Panama and Central Bank of Kenya were similarly attacked on May 7, while the Central Bank of Mexico and Central Bank of Bosnia and Herzegovina subsequently faced disruptions. Anonymous had publicly announced the campaign through a video released on May 4, declaring their intent to execute "one of the most massive attacks ever seen in the history of Anonymous" against global banking infrastructure.
The operation expanded to include over ten financial institutions by early May 2016, with Anonymous publishing a list of 160 potential targets that included prominent entities like the US Federal Reserve, IMF, World Bank, and Bank of England. Attackers cited the Panama Papers leaks as motivation for targeting the National Bank of Panama, emphasizing their objective to pressure authorities into holding "corrupt elite" accountable. This campaign occurred amid heightened cybersecurity concerns for the banking sector following high-profile incidents such as the Bangladesh Bank cyber heist and the Qatar National Bank data breach. All affected institutions, including the Guernsey Financial Services Commission, restored normal website operations shortly after the attacks, though the incidents underscored systemic vulnerabilities to large-scale DDoS campaigns. No data breaches or financial thefts were reported in connection with these specific disruptions.