Cyber Incident Victim: European Court of Human Rights
Date:
Dec 2020
Location:
France
Summary
The European Court of Human Rights suffered a cyberattack that temporarily disabled its website following a ruling ordering Turkey's release of an incarcerated opposition leader. Hackers associated with the group Anka Neferler Timi claimed responsibility, demanding an apology for the court decision that criticized Turkey's prolonged detention of the politician as undermining democratic principles. The attack caused approximately 16 hours of website downtime before services were restored, with the Court condemning the incident as a serious breach while reaffirming the judgment's availability.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On December 22, 2020, the European Court of Human Rights published a grand chamber ruling in the case of Selahattin Demirtaş v. Turkey (no. 2), ordering Turkey to immediately release the former leader of the pro-Kurdish Peoples’ Democratic Party (HDP). Demirtaş had been incarcerated since 2016 on terrorism-related charges following the revocation of parliamentary immunity in Turkey, facing over 100 charges carrying a potential 142-year sentence. The Court determined his four-year detention violated fundamental democratic principles, stating it sent "a dangerous message" stifling political pluralism. Within hours of this ruling’s publication, hackers launched a cyber-attack targeting the Court’s website, causing approximately 16 hours of downtime. The website was restored by the following day, allowing public access to the judgment and other materials. The Turkish hacking collective Anka Neferler Timi (The Turkish Hacker Team) claimed responsibility via a Twitter account created earlier that month, demanding the Court apologize for its ruling. The group’s post asserted they had successfully taken down the site, though their account had fewer than 100 followers at the time.
The attack disrupted access to the Court’s digital services during the outage period but did not permanently compromise the published ruling or other legal documents. On December 23, the Court confirmed the incident was a "large-scale cyberattack" occurring shortly after the Demirtaş judgment’s delivery, describing it as a "serious incident" they "strongly deplored." Technical teams prioritized restoring website functionality, though no additional remediation measures or forensic findings were disclosed. The incident highlighted the immediate geopolitical repercussions of the Court’s rulings, particularly those challenging Turkish government actions. Demirtaş’s imprisonment had followed his party’s role in ending President Erdoğan’s parliamentary majority in 2015, underscoring the case’s political sensitivity. No further disruptions or subsequent attacks were reported following the website’s restoration. The Court’s statement emphasized continuity of operations, confirming the judgment remained accessible post-recovery without alterations to its content or legal standing.