Cyber Incident Victim: Central Bank of Tunisia
Date:
May 2016
Location:
Tunisia
Summary
Anonymous conducted distributed denial-of-service (DDoS) attacks against the Banque Centrale de Tunisie as part of Operation OpIcarus, temporarily disrupting its online services. The hacktivist collective targeted multiple central banks globally to protest government actions against activists and express solidarity with social movements. Attacks involved high-volume traffic floods reaching 250 Gbps, forcing several financial institution websites offline for extended periods. This incident aligned with the group's broader campaign focusing on financial sector infrastructure to demonstrate digital dissent capabilities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On May 14, 2016, the Banque Centrale de Tunisie (Central Bank of Tunisia) was targeted in a distributed denial-of-service (DDoS) attack by the hacktivist collective Anonymous as part of Operation OpIcarus. The attack occurred alongside simultaneous strikes against the Bank of France, Central Bank of the United Arab Emirates, Central Bank of Trinidad and Tobago, and Philippine National Bank. Anonymous utilized 250 Gbps DDoS attacks to overwhelm the banks' web infrastructure, forcing all targeted websites offline for several hours. The Bank of France experienced two separate attacks within the same day. This coordinated action represented an escalation of OpIcarus, which had been relaunched in March 2016 to protest global financial systems. Anonymous claimed the attacks demonstrated solidarity with the #NuitDebout street protests in France and the #FreeAnons campaign supporting arrested hackers. The group specifically cited the Philippine National Bank attack as retaliation for authorities arresting a hacker who leaked voter data from the country's election commission.
The DDoS attacks caused significant disruption to the Central Bank of Tunisia's online services, rendering its website inaccessible during the attack window. This incident formed part of a broader campaign against central banking institutions that previously included attacks on the Central Bank of Jordan, Bank of Greece, Central Bank of Cyprus, and Dutch Central Bank between March and May 2016. No data breaches or financial thefts were reported in connection with the Tunisia attack. By May 15, 2016, all affected banking websites, including Tunisia's central bank, had restored normal operations. Anonymous publicly claimed responsibility through media channels and maintained a dedicated Facebook page documenting OpIcarus activities. The attacks highlighted vulnerabilities in financial sector web infrastructure to large-scale DDoS operations, though no specific mitigation measures or technical responses from the Central Bank of Tunisia were disclosed in available reporting.