Moroccan cybersecurity dangerously undermined by successive attacks 1448
Since April 2025, Morocco has been facing a series of major cyberattacks claimed by a collective of hackers allegedly Algerian, named "JabaRoot DZ." These cyberattacks have targeted key economic and administrative institutions, notably the Ministry of Employment, the National Social Security Fund (CNSS), and more recently the Ministry of Justice, as well as platforms related to land registry and property conservation.
What is clear, let’s say it outright, is that Algeria does not possess the technological power or expertise for such operations. It is highly likely that its services call upon "skills," notably from Eastern Europe, to attack the Kingdom’s interests in its ongoing global war against its "classic enemy." If this hypothesis proves true, the question would then be who else might have the hacked information and for what purpose.
The first intrusion, which occurred in early April 2025, began with the hacking of the Ministry of Employment’s website and quickly extended to the CNSS database. This attack led to the leak of thousands of sensitive documents, exposing the personal information of nearly two million employees and the administrative data of about 500,000 Moroccan companies. Among the leaked data were pay slips detailing names, social security numbers, salaries, and sometimes identity card numbers of very important personalities and leaders of Royal Air Maroc, Attijariwafa Bank, Banque Centrale Populaire, and the Mohammed VI Investment Fund.
Less than two months later, in June 2025, JabaRoot DZ claimed a new "large-scale" cyberattack against the National Agency for Land Conservation, Cadastre, and Cartography (ANCFCC). Although the ANCFCC denied any direct intrusion into its servers, it was revealed that the vulnerability originated from an electronic platform used by some notary offices for archiving land documents. The hackers claim to have obtained about 4 terabytes of data, including millions of land titles, contractual documents, copies of identity cards, passports, as well as banking documents and information concerning high-ranking officials and public figures. This leak led to the temporary shutdown of the platform by the ANCFCC for security reasons.
The hackers justify these attacks as retaliation for alleged Moroccan hacking attempts against Algerian institutions, notably the Twitter account of the Algerian Press Agency (APS). They also threatened further actions in case of future attacks against Algerian interests. These events occur in the context of geopolitical tensions between Morocco and Algeria, exacerbated by recent developments related to the Sahara issue and regional rivalries; Morocco has been recording victory after victory at a rapid pace. Algeria, in its official and unofficial media, no longer hides and even implicitly claims responsibility for the hacking, ignoring that this amounts to a form of state terrorism.
These cyberattacks have had serious consequences: they have eroded citizens’ trust in digital public services, increased the risks of identity theft and banking fraud, and damaged the reputation of the affected companies. The Moroccan government has condemned these acts as "criminal" and announced measures to strengthen cybersecurity while launching internal investigations.
The series of attacks especially highlights major vulnerabilities in the cybersecurity of Moroccan institutions. The massive centralization of sensitive data on single platforms and the creation of junctions between multiple actors and platforms facilitate things for citizens and institutions in the context of digitalization, but also make it easier for hackers to gain massive access in case of a breach. It is therefore crucial to thoroughly and promptly review the national data protection strategy.
To better distribute its data and strengthen its security, Morocco could adopt several complementary strategies, relying notably on the 2030 National Cybersecurity Strategy and international best practices. It should likely avoid excessive centralization by distributing sensitive data across multiple secure systems, segment networks to limit lateral movements by hackers, and use data transmission techniques through several distinct channels to reduce the risk of simultaneous theft.
Morocco must also integrate decentralized cybersecurity solutions based on blockchain and collective intelligence, establish a national sovereign cloud with local hosting and end-to-end encryption guaranteeing the protection of critical information.
Moreover, the country should develop an agile and adapted legal framework, build a national pool of qualified cybersecurity professionals through specialized curricula and certifications, and establish a high-performance Security Operations Center combining advanced detection tools and local teams capable of managing threats specific to the Moroccan context. A higher cybersecurity school, where carefully selected students—true specialists—would be trained, could be a major strategic advance guaranteeing both competence and independence in this field.
Faced with rising cyber threats, it is urgent for Morocco to adopt a proactive and innovative cybersecurity policy based on a decentralized technical architecture.
Strengthening regional and international cooperation is not a luxury here. The real-time exchange of critical information is crucial; as is encouraging public-private collaboration through threat intelligence-sharing platforms to anticipate and respond quickly to incidents.
Today, it is clear that many claim to master the issue, offering services that will soon expose their limits and incompetence. Administrations and companies must be very cautious before engaging or hiring skills in this very sensitive domain.
This sphere relies on agile governance, the development of human skills, and active cooperation at national and international levels. An integrated approach is essential to build a resilient, sovereign cyberspace capable of supporting the country’s ambitious digital transformation while effectively protecting its security, institutions, citizens, and economy.