In the context of persistent global tensions, which have given rise to not only armed conflicts on the ground but also the phenomenon of cyber warfare, the dissemination of disinformation, and the propagation of malinformation, the conflict between neighboring countries Morocco and Algeria has precipitated a series of cyberattacks.
The Algerian hacker group JabaRoot DZ claimed responsibility for an unparalleled succession of intrusions into the computer systems of multiple Moroccan institutions, culminating in the dissemination of substantial quantities of sensitive data, revealing significant vulnerabilities in the digital infrastructure and the protection of personal information.
Morocco-Algeria Cyber Conflict Amid Ongoing Tensions
In April, the Algerian hacker group carried out a wave of cyberattacks targeting key Moroccan institutions, marking what appears to be the largest data breach in Morocco’s history. Their main targets included the websites of the Ministry of Economic Inclusion and the National Social Security Fund (CNSS).
The group did not hide its intentions. Media reported that the group explained on its Telegram channel that the data leak was a direct response to what it called "hostile actions" by Moroccan hackers, who had taken over the Twitter account of the Algerian Press Service (APS) after Twitter suspended it.
After the attack, Morocco’s Ministry of Economic Inclusion confirmed that its website had been defaced by hackers claiming to be Algerian. The ministry emphasized that the site is strictly informational and does not store sensitive or professional data. An official statement by the Ministry announced: “No personal or sensitive data has been compromised.”
Following the statement, the hacker group JabaRoot DZ published what it said were employee pay slips from the ministry—more than 3,000 of them. The ministry, however, denied the documents were authentic, insisting they had been wrongly linked to its services.
Just a few hours after breaching the ministry’s website, JabaRoot DZ claimed responsibility for a much deeper and more serious cyberattack—this time targeting the Moroccan National Social Security Fund system (CNSS)—and alleged it had access to sensitive documents, including pay slips from various companies and employee name lists.
The findings indicated the leak involved nearly 500,000 companies and around 53,576 PDF files. Based on the materials shared by the hackers, the compromised data includes salary records, disclosing high-profile individuals’ salary information.
This cyberattack marks the most significant escalation in a long-running digital feud between Moroccan and Algerian hackers, part of an ongoing cyberwar driven by political tensions. Moroccan media outlets reported that these cyber clashes have flared up repeatedly over the past 15 years, often triggered by major political events or disputes, including the conflict over the Sahara and Algeria’s backing of the Polisario Front.
Data Leaks and Malinformation: When Cyberattacks Target Civilians
In the aftermath of the cyberattack, people began to worry, especially once salary documents started making the rounds online, sparking a wave of frustration on social media after the circulation of “shocking” high salaries. Many felt disheartened by the stark contrast between modest wages and the hefty paychecks of well-known individuals.
The anxiety did not stop there. As more alleged personal information surfaced online, concerns grew about the safety of their bank accounts. Some even reported getting suspicious messages and scams through SMS and social media shortly after the leak.
Tech experts also raised alarms about some leaked files being infected with malware and laced with viruses that could compromise people’s devices and steal even more personal data, or what they called “malinformation.”
Scientific research points out that malinformation is a lesser-known but important form of misleading content because it is built from real information that has been twisted or taken out of context. While it is often associated with misinformation and disinformation, recent studies argue that we need clearer definitions to better understand the differences. One study, using a well-established research method by philosopher Carl Hempel, found that malinformation is unique because it involves intent; it is not just sharing the truth, but deliberately reshaping it to mislead or cause harm. Other researchers put it more simply: malinformation is the truth, but used in the wrong way and for the wrong reasons.
Malinformation can take many forms, such as hate speech, incitement to violence, or even leaked documents, and cyberattacks often act as a catalyst, helping it spread faster and wider. These attacks do not just target institutions; they put people, so-called e-civilians or users online, at risk, exposing their data and privacy in ways that can be deeply damaging.
Random Power Outage or Organized Cyberattack?
Earlier this week, a massive power outage swept across the Iberian Peninsula, leaving much of Spain and Portugal in the dark for most of the day. The blackout disrupted daily life for millions and even had ripple effects on the French electrical grid. In a region not typically prone to such large-scale outages, the incident has sparked serious questions about the stability and resilience of the electricity infrastructure.
The blackout impacted tens of millions, shutting down businesses and disrupting hospitals, public transport, cellular networks, and other vital services. Even neighboring countries like Morocco felt the effects, experiencing disruptions in mobile networks, largely tied to issues with the telecom operator Orange, which also operates there.
Amid ongoing investigations in Spain and Portugal to determine what caused the widespread blackout, Portuguese Prime Minister Luís Montenegro stated that the issue appeared to have originated in Spain. Early reports pointed to a “rare atmospheric phenomenon” as the possible cause, citing information supposedly from Portuguese grid operator REN. REN later denied making any such statement, saying it was falsely attributed.
Meanwhile, speculation exploded online, with many suggesting the outage was the result of a cyberattack. That narrative gained traction after two pro-Russian hacktivist groups, referred to as Dark Storm Team and NoName057, publicly claimed responsibility. On X, Dark Storm posted that they and NoName057 had “successfully cut off electricity in some NATO countries,” referring to the blackout in Spain and Portugal. They also claimed to have taken down several key websites in the region.
Despite the online claims, authorities in both Spain and Portugal have downplayed the possibility of a cyberattack. António Costa, president of the European Council and former Portuguese prime minister, stated that there is “no evidence” pointing to a cyberattack but added that the exact cause of the blackout remains uncertain.
Teresa Ribera, a senior vice president of the European Commission, echoed that view, saying there was no indication that the outage was the result of a deliberate act. Additionally, Portugal’s current prime minister also emphasized that it is still too early to draw firm conclusions about what triggered the disruption.
Cyberwarfare, Privacy, and the Legal Scarcity
Ali Arjdal, a researcher specializing in personal information and privacy, explained that the recent cyberattacks on key Moroccan institutions, like the National Social Security Fund and several ministry websites, signal a major shift in how digital threats evolve. “We’re no longer just seeing DDoS attacks. These operations are now zeroing in on personal and economic data,” he told Misbar.
According to Arjdal, this marks part of a broader global trend: “We’re seeing data being used as a weapon, for pressure, blackmail, or even to erode public trust in institutions.”
Commenting on a recent case in Spain, where a power outage was allegedly linked to a cyberattack, he placed it within a dangerous new category: sovereign infrastructural hacking. “It’s one of the most serious forms of digital warfare,” he said.
While early reports ruled out a cyberattack in that case, Arjdal noted that a judge has launched an investigation, and if a hack is confirmed, it could be classified as an act of terrorism.
Regarding the major threats to individual privacy in the age of cyberattacks and global digital conflicts, Ali explained that the dangers go far beyond just leaked data. He pointed out that personal information can be taken out of context, identities can be manipulated, and digital profiles can be created and exploited for purposes that differ from social surveillance, political targeting, or spreading disinformation.
“In the context of international conflict, personal data often becomes a quiet weapon of soft warfare. It’s repurposed to reinforce stereotypes or fed into predictive AI systems, used in ways that often escape ethical scrutiny and legal oversight,” he emphasized.
“In today’s digital landscape, personal data is being exploited in increasingly sophisticated ways,” Ali explained. “One of the most concerning is behavioral micro-targeting, where disinformation campaigns are tailored to individuals based on their online habits and preferences. It’s fake news, but personalized, making it far more effective and harder to detect. Another tactic is social engineering, where attackers use data to mimic user behavior and gain unauthorized access to accounts or systems. And in some cases, personal data is used to construct false digital narratives or scenarios designed to damage someone’s credibility or reputation, especially during information warfare.”
“The consequences of these attacks aren’t just technical. They can be deeply structural,” Ali noted. “When citizens lose trust in the national digital infrastructure, it slows down digital transformation efforts and widens the digital divide, as people grow more hesitant to engage with digital services. It also chips away at the sense of digital safety in everyday life. In conflict situations, data breaches can make ordinary civilians indirect targets of cyberwarfare. That’s why there’s an urgent need for strong, preventive legislation to close the legal and ethical gaps these attacks expose.”
“So far, international law has been struggling to keep up with the fast pace of cyber threats,” Ali explained. “Take the Budapest Convention—it was a groundbreaking step, but it lacks global consensus and doesn’t fully address many of the newer forms of cyberattacks. There’s growing recognition that international humanitarian law should extend to cyberspace, especially when it comes to protecting civilians and critical infrastructure. But turning those principles into action depends heavily on political will. We need a balanced approach to digital governance—one that doesn’t reduce privacy to a security issue, and doesn’t sacrifice security in the name of absolute freedom.”
Read More
Disinformation Brokers: The Architects of Misinformation Profiting from Falsehoods
Disinformation and Power in the Battle for Greenland
How Fake News, Trolls, and Algorithms Are Manipulating Canadian Elections
Follow the latest news from Misbar on Google News Read More
Most Read
Report a Claim
Alert the Misbar team about false news, rumors or stories that need verification, or request clarification.
Follow us on social media
