Hermes Airports, Cyprus Electricity Authority, Cyprus Telecommunications Authority and EKO Cyprus: Cypriot Websites Hit by DDoS Cyberattacks Greek City Times

Cypriot Critical Infrastructure Targeted in Coordinated DDoS Cyberattacks

A wave of cyberattacks struck Cyprus in recent days, disrupting government and private-sector websites through Distributed Denial-of-Service (DDoS) assaults. Authorities confirmed that multiple high-profile targets including airports, banks, telecom providers, and energy firms were hit in at least six separate incidents over a short period.

Among the affected organizations were Hermes Airports (operator of Cyprus’s two international airports), the Bank of Cyprus, the Cyprus Telecommunications Authority (CYTA), the Cyprus Electricity Authority (EAC), and fuel supplier EKO Cyprus, alongside several government portals. The attacks aimed to overwhelm servers with excessive traffic, temporarily blocking legitimate access, though no major operational disruptions or data breaches were reported.

Cybersecurity teams successfully mitigated the attacks, ensuring critical services such as airport operations, banking, and energy systems remained unaffected. Officials noted that only informational websites were targeted, not core operational infrastructure.

Analysts suspect the campaign was politically motivated, with hacker groups LulzSec Black, Moroccan Soldiers, and Anonymous Syria claiming responsibility. The attackers cited Cyprus’s support for Israel amid the Middle East conflict as justification for the strikes.

The Commissioner of Communications and Digital Security warned that the incident underscores the escalating threat of cyber warfare, emphasizing the need for robust response and recovery measures. The attacks align with a broader global rise in DDoS incidents, particularly from hacktivist groups seeking to disrupt services.

Source: https://greekcitytimes.com/2026/03/15/cypriot-websites-ddos-cyberattacks/

EKO Cyprus cybersecurity rating report: https://www.rankiteo.com/company/ekocyprus

Bank of Cyprus cybersecurity rating report: https://www.rankiteo.com/company/bank-of-cyprus

Hermes Airports Ltd cybersecurity rating report: https://www.rankiteo.com/company/hermes-airports-ltd

"id": "EKOBANHER1773649929",
"linkid": "ekocyprus, bank-of-cyprus, hermes-airports-ltd",
"type": "Cyber Attack",
"date": "3/2026",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Transportation/Aviation',
                        'location': 'Cyprus',
                        'name': 'Hermes Airports',
                        'type': 'Airport operator'},
                       {'industry': 'Financial Services',
                        'location': 'Cyprus',
                        'name': 'Bank of Cyprus',
                        'type': 'Bank'},
                       {'industry': 'Telecommunications',
                        'location': 'Cyprus',
                        'name': 'Cyprus Telecommunications Authority (CYTA)',
                        'type': 'Telecom provider'},
                       {'industry': 'Energy/Utilities',
                        'location': 'Cyprus',
                        'name': 'Cyprus Electricity Authority (EAC)',
                        'type': 'Energy provider'},
                       {'industry': 'Energy/Oil & Gas',
                        'location': 'Cyprus',
                        'name': 'EKO Cyprus',
                        'type': 'Fuel supplier'},
                       {'industry': 'Public Sector',
                        'location': 'Cyprus',
                        'name': 'Government portals',
                        'type': 'Government'}],
 'attack_vector': 'Distributed Denial-of-Service (DDoS)',
 'description': 'A wave of cyberattacks struck Cyprus in recent days, '
                'disrupting government and private-sector websites through '
                'Distributed Denial-of-Service (DDoS) assaults. Multiple '
                'high-profile targets including airports, banks, telecom '
                'providers, and energy firms were hit in at least six separate '
                'incidents over a short period. The attacks aimed to overwhelm '
                'servers with excessive traffic, temporarily blocking '
                'legitimate access, though no major operational disruptions or '
                'data breaches were reported.',
 'impact': {'data_compromised': 'None reported',
            'downtime': 'Temporary blocking of legitimate access',
            'operational_impact': 'No major operational disruptions',
            'systems_affected': 'Informational websites'},
 'lessons_learned': 'The incident underscores the escalating threat of cyber '
                    'warfare and the need for robust response and recovery '
                    'measures.',
 'motivation': 'Political (Cyprus’s support for Israel amid the Middle East '
               'conflict)',
 'references': [{'source': 'Cyber incident description'}],
 'response': {'containment_measures': 'Cybersecurity teams successfully '
                                      'mitigated the attacks',
              'recovery_measures': 'Ensured critical services remained '
                                   'unaffected'},
 'stakeholder_advisories': 'The Commissioner of Communications and Digital '
                           'Security warned about the rising threat of cyber '
                           'warfare.',
 'threat_actor': ['LulzSec Black', 'Moroccan Soldiers', 'Anonymous Syria'],
 'title': 'Cypriot Critical Infrastructure Targeted in Coordinated DDoS '
          'Cyberattacks',
 'type': 'DDoS'}