State-owned telecommunications provider Libya Telecom and Technology (LTT) has confirmed that its systems and networks have been subjected to a sustained Distributed Denial of Service (DDoS) attack over the past several days.

According to the company, the attacks have targeted its core systems, raising serious concerns about the security of Libya’s critical digital infrastructure and the growing cyber risks facing the country’s telecommunications sector.

Emergency Response Protocols Activated

Libya Telecom said the attacks began last week and immediately triggered the activation of its emergency response protocols. The company explained that the coordinated response helped mitigate the impact of the cyberattack and prevented major service disruptions.

“Despite attempts to disrupt services and affect network quality, our emergency response measures were promptly activated and successfully limited the impact of the attacks,” the company said.

LTT added that its technical teams remain on high alert, monitoring the network around the clock to ensure service continuity and protect critical systems from further escalation.

Additional Security Measures Under Review

The telecom operator noted that it is exploring additional defensive measures to strengthen its cybersecurity posture and improve resilience against future attacks.

These efforts, according to the company, are aimed at safeguarding Libya’s national communications infrastructure, which supports government services, financial transactions, business operations, and emergency services.

Libya Faces Elevated Cybersecurity Risks

The incident comes amid longstanding concerns about Libya’s exposure to cyber threats. A 2023 technical report by Business Insider ranked Libya as the most exposed country in Africa to cybersecurity risks, placing it 90th globally.

The report attributed the elevated risk to limited cybersecurity safeguards and weak protection against cybercrime, leaving the country vulnerable to increasingly sophisticated attacks.

LPTIC Previously Flagged Persistent Cyber Threats

In the same year, the Libyan Post, Telecommunication and Information Technology Holding Company (LPTIC) disclosed that its data centre was under constant cyberattack.

LPTIC oversees Libya’s state-owned telecommunications companies, including Libya Telecom, and plays a central role in managing the country’s digital and communications infrastructure.

Cybercriminals targeting Libyan institutions have increasingly relied on tactics such as ransomware attacks and data leaks, posing significant risks to public institutions and the digital economy.

Attack Coincides With Major Infrastructure Upgrade

The cyberattack comes as Libya Telecom advances a major network modernisation project. In early December, the company launched a phased infrastructure upgrade involving the gradual shutdown of traditional telephone exchanges as part of its transition to fibre-optic services.

The project includes the transfer of fixed-line telephone services to Libya Telecom, which will deliver services using modern, approved technologies.

Fibre Transition to Leave ADSL Services Unaffected

According to the company, the first phase of the project involved the shutdown of 70 telephone exchanges. Existing Asymmetric Digital Subscriber Line (ADSL) services will remain operational until fibre-optic deployments are fully completed.

Libya Telecom said the initiative aligns with its long-term strategy to modernise the telecommunications sector and build a resilient, sustainable digital infrastructure capable of supporting future growth.

Conclusion

Libya Telecom’s confirmation of an ongoing DDoS attack highlights the increasing cybersecurity challenges facing the country’s digital infrastructure. While emergency measures have helped contain the immediate impact, the incident underscores the urgency of strengthening cyber defences as Libya accelerates its transition to modern, fibre-based communications networks.