Libya Telecom Confirms Ongoing Cyber Assault
State-owned telecom operator Libya Telecom and Technology (LTT) has disclosed that its networks and internal systems have been under a prolonged Distributed Denial of Service (DDoS) attack for several consecutive days.
The company said the attacks are aimed at its core infrastructure, raising fresh concerns over the resilience of Libya’s national digital and communications systems amid growing cybersecurity threats.
Emergency Measures Deployed to Limit Disruption
According to Libya Telecom, the cyberattack began last week and prompted the immediate activation of its emergency incident response framework. The operator said these measures helped contain the attack and avoid widespread service outages.
Despite deliberate attempts to degrade network performance and disrupt services, the company noted that the response protocols were effective in limiting the overall impact.
LTT added that its engineering and security teams remain on continuous standby, monitoring network traffic around the clock to preserve service stability and prevent further escalation.
Operator Strengthens Cyber Defences
Libya Telecom confirmed that it is assessing additional cybersecurity safeguards to reinforce its defences against both ongoing and future attacks.
The company said these efforts are part of a broader objective to protect Libya’s national communications backbone, which underpins government operations, financial systems, commercial activity, and emergency response services.
Libya’s High Exposure to Cyber Threats
The incident highlights Libya’s long-standing vulnerability to cyber risks. A 2023 technical assessment by Business Insider ranked Libya as the most exposed country in Africa to cybersecurity threats, placing it 90th worldwide.
The report linked the elevated risk to insufficient cybersecurity frameworks and weak enforcement against cybercrime, leaving critical infrastructure susceptible to repeated attacks.
LPTIC Previously Warned of Persistent Attacks
In the same year, the Libyan Post, Telecommunication and Information Technology Holding Company (LPTIC) disclosed that its data centre was facing continuous cyber intrusions.
As Libya’s main telecommunications holding entity, LPTIC oversees state-owned operators such as Libya Telecom and plays a central role in managing the country’s digital infrastructure.
Cyber attackers targeting Libyan institutions have increasingly deployed ransomware, service disruptions, and data exfiltration, posing risks to public services and the broader digital economy.
Cyberattack Occurs Amid Network Modernisation
The DDoS incident coincides with a significant infrastructure modernisation programme underway at Libya Telecom. In early December, the operator began implementing a phased plan to shut down legacy telephone exchanges as part of its shift toward fibre-optic connectivity.
Under the initiative, fixed-line voice services are being migrated to Libya Telecom’s modern platforms, enabling service delivery through newer, approved technologies.
ADSL Services to Continue During Fibre Rollout
Libya Telecom said the first stage of the programme involved the closure of 70 traditional telephone exchanges. However, existing ADSL broadband services will remain active until fibre-optic deployments are fully completed nationwide.
The company said the project supports its long-term vision of building a modern, robust, and sustainable telecommunications infrastructure capable of meeting future demand.
Conclusion
Libya Telecom’s disclosure of sustained DDoS attacks underscores the escalating cybersecurity challenges facing the country’s digital infrastructure. While rapid response measures have so far limited service disruption, the incident highlights the urgent need for stronger cyber resilience as Libya advances its transition to next-generation, fibre-based communications networks.
