Menu
Browse

Cyber Incident Victim: Egyptian Ministry of Information

Date:

Apr 2014

Location:

Egypt

Summary

The Egyptian Ministry of Information's website was compromised by hackers identifying as the Libyan Cyber Army, who defaced the site with a Libyan flag and a message stating "Hacked by the Great Team." The attackers did not specify a motive for the breach, which marked their first known successful intrusion against a high-profile Egyptian government target, having previously targeted Libyan government assets and privately owned Israeli websites. At the time of reporting, the defaced page remained visible on the compromised site.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 2 motives 1 technique
Threat Actor Type Location
1 actor Available to members Available to members

Description

On April 28, 2014, the official website of the Egyptian Ministry of Information (accessible at http://www.moinfo.gov.eg/vote/) was compromised and defaced by hackers identifying themselves as the Libyan Cyber Army. The attackers replaced the website's normal content with a defacement page prominently displaying the Libyan national flag alongside the message "Hacked by the Great Team." The compromise occurred several hours before public reporting, with the defacement remaining visible at the time of initial media coverage. No specific motive for the attack was disclosed in the defacement message or accompanying coverage. Technical details about the intrusion vector were not provided in available reporting, though the defacement was independently verified through Zone-H's mirror service (ID 22260120), confirming the website's alteration. The incident marked a notable breach of a high-profile Egyptian government digital asset, though immediate functional impacts beyond reputational damage and temporary service disruption were not documented.

Cyber Incident Image

This attack represented the first confirmed instance of the Libyan Cyber Army successfully targeting Egyptian government infrastructure, expanding their operational focus beyond previous activities. Historical context indicated the group had previously compromised Libyan government-owned web properties during domestic conflicts, alongside privately owned Israeli websites unrelated to the Egyptian incident. The sustained visibility of the defacement page suggested delayed detection or containment efforts by Egyptian authorities, though no official statements or remediation timelines were disclosed in available sources. The incident underscored vulnerabilities in Egyptian governmental web assets while demonstrating the Libyan Cyber Army's capacity to execute geographically motivated attacks against foreign state entities.

Sources
Sources available to members
1 source