Society

Cyberattack Against Morocco – An Old Threat Resurfaces

6 days ago
3 minutes read
WhatsApp Image 2025 04 12 at 15.44.35

Latifa CHAKRI

Morocco’s cybersecurity is once again under scrutiny, owing to a series of cyberattacks targeting its institutions for over a decade. These cyberattacks began well before 2013, when hackers contacted members of a Moroccan group to alert them about the sale of sensitive Moroccan data on the Dark Web. They immediately passed this information to Moroccan authorities. Unfortunately, their warnings went unheeded, paving the way for a surge of attacks in the following years.

Hacking proliferated in successive waves: first affecting universities, then public administrations, ministries, banks, and more recently, management companies. The Chris Coleman affair, revealed in 2014, remains one of the most emblematic cases. The perpetrator, having infiltrated several key institutions, was identified in just twelve days by a team of Moroccan cyber activists—a cybersecurity expert, a woman based in France, and two brilliant autodidact Moroccan youths operating from within the country.

Acting outside institutional frameworks, these activists skillfully located the attacker and established their identity, where official services had faltered. At the time, many pointed fingers at Algeria as the culprit. However, two years later, Moroccan authorities acknowledged that the attack originated from a different network. This reversal underscored the importance of relying on solid technical evidence rather than hasty geopolitical assumptions.

The CNSS: A New Victim

More recently, the National Social Security Fund (CNSS) has come under attack. A cyber intrusion led to the leak of sensitive data, including personal information of numerous citizens, as well as a document regarding a member of the royal cabinet. This highly publicized incident has once again spotlighted the serious security shortcomings within our institutions.

A Persistent Threat

The attacks have never truly ceased. Since 2013, hackers active on the Dark Web have regularly alerted their Moroccan counterparts about the existence of compromised Moroccan administrative data in circulation. Despite repeated notifications to the authorities, no concrete action has been recorded. This passivity has left glaring security vulnerabilities, facilitating unauthorized access to the most critical state systems.

A Cooperative Mindset, Not an Offensive One

Today, while Algerian authorities sarcastically comment on the current situation, it can be paradoxically said that this media coverage serves as an indirect service to Morocco. It finally allows for the voices within the country, which have been alerting for years about the insufficiency of cybersecurity measures, to be heard.

Historically, the relations between Algerian and Moroccan cyber activists have been marked more by cooperation and mutual awareness than by any real cyber warfare. Certainly, isolated incidents may have occurred, but overall, the dominant philosophy has remained defensive and collaborative. That is why it is essential not to jump to hasty conclusions without formal technical evidence.

Neglected Cybersecurity

The real issue lies elsewhere: a lack of rigor in managing digital infrastructures. The case of the CNSS is telling: the recent hacking incident was not due to a sophisticated attack, but rather to the failure to update servers. This negligence has allowed breaches to multiply, not only within academic or administrative systems but also within those of ministries, banks, and now management companies.

A Late Awakening

As cyberattacks grow more complex, the consequences of neglected cybersecurity are becoming increasingly apparent. If the warnings from Moroccan cyber activists had been taken seriously from the outset, much of the data now circulating on the Dark Web could have been safeguarded.

Morocco must now confront the cumulative effects of this inertia. It is imperative to respond promptly, to strengthen digital infrastructures, to train administrative personnel, and especially to regularly update software systems. In the current context, cybersecurity is no longer merely a technical issue: it is a major strategic concern, a new battleground, and a matter of national sovereignty.

Recommendations for Moroccan Institutions & Firms:

• Segment networks (to prevent hackers from easily moving from one system to another).

• Train personnel in cybersecurity (phishing, best practices, etc.).

• Implement active monitoring (intrusion detection).

• Simulate attacks (red team) to test system resilience.

• Develop incident response plans and conduct regular drills.

6 days ago
3 minutes read

Related Articles

METEO MAROC 1.webp

Weather Forecast in Morocco: Rain and Wind Gusts Expected on Monday, April 14

5 days ago
vis 0404202510222243

Air Europa Restarts Flights to Marrakech with Two Weekly Rotations Starting April 6th

2 weeks ago
ONEE

ONEE Opens Access to Green Energy for Its Medium Voltage Customers: A New Turning Point in the Energy Transition

4 days ago
DGAPR Concours Emploi Recrutement e1638456141816

Morocco Launches University Degree in Medicine for Inmates: A Pioneering Initiative in Africa and the Arab World

February 19, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *

© Copyright MCG24 - 2025, Tous droits réservés  
Back to top button