Several websites in Cyprus have come under cyberattack in recent days, Commissioner of Communications George Michaelides said, although he described the incidents as the most common and least dangerous type of attack.
Asked to comment on reports of attacks on Cypriot websites, Michaelides said there was some activity and that this happens from time to time. He said the websites had been hit by Distributed Denial-of-Service, or DDoS, attacks, in which pages are overloaded by artificially increased traffic.
He said that while such an attack is underway, a website becomes so overloaded that it cannot serve users. He added that this was the easiest kind of attack to carry out and did not require special skills.
Michaelides said the attacks were simple and meant that anyone trying to use an affected website at that moment would not be able to do so. He added that this was a frequent phenomenon.
Asked whether there were indications as to why the attacks were happening now, he said they could be linked to developments in the region, Cyprus’s EU presidency, or could simply be coincidental. He added that the targeted websites were varied and not limited to government pages, making it impossible to conclude that the state itself was being singled out.
He said no pattern had been identified in the sites being targeted and added that the attacks had been seen over the past few days, though not continuously. He said they might last for a short period each day rather than run without interruption.
On how such attacks are handled, Michaelides said the Digital Security Authority could provide information and technical assistance if needed. He said preventing this kind of attack required a website owner to buy specialist services that divert incoming traffic elsewhere so the site can keep operating, adding that the more someone pays, the larger the attack they can withstand.
He said such measures are usually put in place in advance rather than during an attack. Michaelides added that the authority monitors the phenomenon around the clock and keeps critical infrastructure operators informed on a continuous basis.