Cyber Incident Victim: Central Bank of Jordan
Date:
May 2016
Location:
Jordan
Summary
The Central Bank of Jordan was targeted in a series of distributed denial-of-service (DDoS) attacks as part of Operation OpIcarus, a campaign by Anonymous and affiliated groups like Ghost Squad against global financial institutions. The attacks disrupted online services, forcing websites offline for extended periods. This incident occurred alongside similar strikes on multiple central banks worldwide, with motivations including protest against government actions and solidarity with social movements. The operation utilized high-volume DDoS attacks reaching 250 Gbps to overwhelm targets' infrastructure. While services were eventually restored, the coordinated assaults demonstrated the groups' capability to disrupt critical financial systems as part of their broader hacktivist agenda.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
The Central Bank of Jordan was targeted as part of Operation OpIcarus, a sustained distributed denial-of-service (DDoS) campaign conducted by the hacktivist collective Anonymous and affiliated group Ghost Squad against global financial institutions. This operation, relaunched in March 2016, escalated through coordinated attacks on central banking websites worldwide. The Central Bank of Jordan was among the early targets following the operation's relaunch, alongside the Central Bank of South Korea, Bank of Compagnie Monegasque, Central Bank of Montenegro, Bank of Greece, and Central Bank of Cyprus. Attackers employed high-volume DDoS attacks exceeding 250 Gbps to overwhelm target websites and force service disruptions. The campaign's stated motivations included protest against financial systems and solidarity with global social movements, though no specific rationale was provided for targeting Jordan. Technical details about the Jordan attack's duration or internal system impacts were not disclosed in available reporting, though all affected institutions eventually restored their online services.
The broader OpIcarus campaign intensified on May 13-15, 2016, with simultaneous 250 Gbps DDoS attacks against five additional banks: Bank of France, Central Bank of the United Arab Emirates, Central Bank of Tunisia, Central Bank of Trinidad and Tobago, and Philippine National Bank. These attacks caused multi-hour outages across all targeted sites, with Bank of France suffering two separate takedowns in one day. Anonymous publicly claimed responsibility, citing retaliation for the arrest of a Philippine hacker and support for #NuitDebout protests as motivations for specific targets. While the Central Bank of Jordan wasn't attacked during this particular wave, its earlier compromise contributed to the operation's cumulative impact. Anonymous maintained a Facebook event page to document attack evidence and coordinate publicity. All affected banking websites, including Jordan's, were confirmed operational by May 15, though the group vowed to continue OpIcarus indefinitely.