Cyber intrusions in S Caucasus: Azerbaijan at frontline of hybrid conflict [ANALYSIS]

In today’s hyperconnected world, cyberattacks have become one of the most significant challenges facing nations globally, and Azerbaijan is no exception. As governments and societies increasingly rely on digital infrastructure, the risks of cyber intrusion, data breaches, and information warfare are rising exponentially. For Azerbaijan, positioned at the crossroads of critical geopolitical interests, cyber threats are not just technical nuisances but potent tools that can undermine national security, economic stability, and political sovereignty. Understanding the nature, scale, and implications of these attacks is essential to grasp the evolving cybersecurity landscape and Azerbaijan’s strategic responses to this modern battlefield.

Cyber attacks against Azerbaijan have become a persistent and escalating challenge, targeting both state institutions and private citizens daily. This continuous threat was underscored by Tural Mammadov, Deputy Head of the Main Department of the State Service for Special Communications and Information Security (SCIS), who confirmed that cyber incidents fluctuate in volume but remain a constant concern.

Mammadov highlighted that Distributed Denial of Service (DDoS) attacks are observed daily, alongside phishing campaigns and cyber operations carried out via email and increasingly popular platforms such as Telegram. These attacks are systematically monitored by specialized teams, with investigations and countermeasures activated when significant threats emerge. The results of these investigations are shared across relevant institutions to identify and neutralize the perpetrators.

Major General Allahverdi Ismayilov, Deputy Head of SCIS, emphasized the critical nature of these attacks in a broader geopolitical context. According to global statistics, over 40% of cyber attacks on state institutions in the first half of 2024 targeted critical infrastructure, revealing that any security vulnerability can rapidly escalate into a strategic risk. He pointed out that beyond technical flaws, weaknesses in management and organizational culture remain key factors behind data breaches in state information resources. To address this, Azerbaijan has launched the “Bug Bounty” program to engage the broader cybersecurity community in protecting state systems, signaling a shift toward transparency and collaboration.

The human dimension of cybercrime is equally alarming. Hackers increasingly exploit personal data for financial fraud, with the Ministry of Internal Affairs reporting over 6 million AZN lost by citizens to cyber fraud in just the first four months of 2025. During the same period, more than 6,000 citizens and nearly 100 state employees became victims of cyberattacks.

Statistics from the SCIS reveal that between January and August 2025, 612 cyberattack indicators were detected against government agencies - a slight decrease compared to the previous year. Despite a 25% reduction in attacks during August, the overall threat landscape remains volatile, with over a thousand attacks recorded throughout 2024 alone.

Political dimensions of cyber warfare

Cyber attacks in Azerbaijan are not solely technical or economic challenges; their political ramifications are profound. In the era of hybrid warfare, cyber operations serve as strategic tools for influence and disruption. A recent case illustrating this occurred shortly after President Ilham Aliyev’s interview with Saudi Arabia’s Al-Arabiya TV channel on August 27, 2025.

Following the broadcast, the Milli Majlis (Parliament of Azerbaijan) Commission against Foreign Interventions and Hybrid Threats reported a coordinated information campaign emanating from Russia, aimed at distorting Azerbaijan’s positions and fueling anti-Azerbaijani sentiment within Russian society. This campaign leveraged Russian social media platforms - some of which are restricted domestically - bots, and targeted advertisements to spread disinformation and threaten Azerbaijan’s sovereignty.

This incident underscores how cyberattacks intersect with political disinformation, espionage, and hybrid threats. Targeted cyber operations seek not only to disrupt information systems but also to manipulate public opinion and undermine national cohesion.

The nature of recent cyberattacks on Azerbaijan's critical information infrastructure suggests a high level of sophistication. The attacks go beyond typical DDoS assaults, aiming to seize control of servers—a task unlikely to be executed by amateur hackers. Such operations often require expertise and resources indicative of state-sponsored actors or highly skilled cybercriminal groups.

A prominent example is the DDoS attack on Delta Telecom, one of Azerbaijan’s principal backbone internet providers, in August 2025. The Ministry of Digital Development and Transport quickly rerouted traffic through alternative backbone operators, Azertelecom and Aztelecom, ensuring uninterrupted internet access.

Osman Gunduz, President of the Azerbaijan Internet Forum, highlighted this incident’s significance: “The existence of multiple backbone operators providing Azerbaijan with global internet access allows us to minimize losses and quickly restore services during critical situations. This clearly demonstrates the importance of competition and alternative infrastructure for national digital resilience.”

Gunduz further noted that, given the strained political relations between Baku and Moscow, Russia remains a plausible source of such cyberattacks. Azerbaijan’s heavy reliance on internet routes passing through Russia exposes it to strategic vulnerabilities, especially since Russia has previously targeted Azerbaijani energy sector infrastructure abroad.

This series of attacks reinforces that securing Azerbaijan’s critical infrastructure is not just a technical issue but a strategic national security imperative. Digital sovereignty hinges on both robust internal defenses and reducing dependencies on external actors.

In this light, accelerating projects like the Trans-Caspian fiber-optic corridor, diversifying internet traffic routes, and developing independent international connectivity options are vital for Azerbaijan’s cybersecurity and overall resilience.

Cybersecurity in Azerbaijan is a complex, multidimensional challenge that blends technical, political, and social elements. The ongoing cyber threats require continuous vigilance, international cooperation, and strategic investment in infrastructure diversity. With rising geopolitical tensions in the region, Azerbaijan’s efforts to build a resilient digital ecosystem will be crucial for safeguarding its national interests and maintaining stability in an increasingly contested cyber landscape.

azernews.az