Cyber Incident Victim: Office of the First Deputy Prime Minister of Bahrain
Date: Jul 2019
Location: Bahrain
Summary
A cyberattack targeted Bahrain's government entities, including the Office of the First Deputy Prime Minister, the National Security Agency, and the Ministry of Interior, alongside critical infrastructure providers such as the Electricity and Water Authority, where systems were disrupted. Suspected Iranian hackers were implicated, with U.S. intelligence sources suggesting Tehran's involvement amid heightened regional tensions. The attacks demonstrated vulnerabilities in secure systems and aligned with broader Iranian cyber activities against U.S. allies and infrastructure. Bahraini authorities reported intercepting millions of malicious attempts earlier in the year, emphasizing defensive measures, while the incident underscored ongoing cyber threats to Gulf states and their strategic partners.
Description
In mid-2019, Bahrain experienced a series of cyberattacks targeting government entities and critical infrastructure providers. The incidents affected the National Security Agency, the Ministry of Interior, and the Office of the First Deputy Prime Minister. Concurrently, hackers compromised systems within the Electricity and Water Authority, forcing the shutdown of several operational networks. These intrusions represented both espionage against government institutions and disruptive actions against civilian infrastructure. The Bahraini Ministry of Interior reported intercepting over 6 million cyberattacks and 830,000 malicious emails during the first half of 2019, though specific detection methods for these breaches weren't disclosed. U.S. intelligence officials cited in Wall Street Journal reports confirmed at least three entities suffered intrusions, drawing parallels to the 2012 Shamoon attacks against Gulf energy infrastructure.

The attacks occurred amid heightened regional tensions following U.S. Cyber Command operations against Iranian systems in June 2019. While no direct forensic evidence linked Tehran to the Bahrain incidents, U.S. officials characterized the activity as exceeding normal levels of Iranian cyber operations. Bahraini authorities implemented undisclosed "robust safeguards" in response, emphasizing defensive measures rather than offensive counteractions. The U.S. Department of Homeland Security and National Security Agency concurrently issued alerts about increased Iranian cyber aggression targeting critical infrastructure. Operational impacts included temporary disruption of utility systems, though no long-term damage or data theft was explicitly confirmed. The incidents highlighted vulnerabilities in secured command-and-control networks while serving as observable demonstrations of capability to regional adversaries.
