Cyber Incident Victim: Central Bank of Libya
Date: Apr 2024
Location: Libya
Summary
The Central Bank of Libya experienced DDoS attacks targeting its foreign currency reservation platform and its official website, disrupting access to both systems. The bank mitigated the initial attack on the platform by blocking international network traffic. Once normal operations were restored, the platform processed over 35,000 transactions totaling $133 million within two days. Concurrently, the bank addressed a similar assault on its website while implementing measures to prevent future breaches.
Description
On April 1, 2024, the Central Bank of Libya (CBL) publicly disclosed via its Facebook page that its Foreign Currency Reservation Platform (FCMS.CBL.GOV.LY) had experienced a distributed denial-of-service (DDoS) attack earlier that day. The attack disrupted public access to the online system, which handles foreign currency reservations for individuals. By Monday evening, the CBL cybersecurity team had mitigated the attack by implementing a network access restriction policy that blocked all connections to the system originating from IP addresses registered outside Libya. This containment measure restored platform functionality, and the system resumed normal operations immediately after the attack was neutralized. Despite the disruption, the platform processed 17,900 foreign currency reservations totaling $68 million on the day of the attack. Transaction volumes remained consistent the following day, with 17,200 reservations worth $65 million completed on April 2, 2024.

The CBL further reported that its official website sustained a separate DDoS attack on Wednesday, April 3, 2024, though the exact start time was not specified. Bank personnel detected this second attack and engaged response protocols against it while the statement was being published. The disclosure did not quantify any operational impact or financial losses from the website attack. The bank emphasized its ongoing efforts to address both incidents through active countermeasures and stated its intention to strengthen defenses against future breaches of a similar nature. The available public statements provided no threat actor attribution, no indication of data compromise, and no additional technical details about the attack vectors.
