The police control systems at airports and all checkpoints in Cyprus have been restored after the country was targeted by six cyberattacks over the weekend, allegedly linked to hacker group ‘LulzSec Black’, police spokesman Christos Andreou said on Monday.

 “The situation has normalised and upgrades to control systems, necessary considering the scale of the cyberattacks, are being carried out,” Andreou told the CyBC.

All police control systems at both airports of the Republic, as well as other entry and exit points, were upgraded on Sunday to protect against the current visible risk, he said.

He also clarified that while the systems did not cease functioning during the upgrade, after an attempted cyberattack on airport operator Hermes’ website was averted on Friday, processing checks took much longer than usual, leading to huge queues at Larnaca airport.

Long queues formed, leading to frustration among passengers. The situation was better at Paphos airport, where passenger traffic was lower at the time, resulting in fewer disruptions.

Andreou said the upgrade was in response to the specific threats received by the Republic, but did not rule out the need for further upgrades if future attacks occur, depending on the methods used by hackers.

In the past few days, Cyprus has faced six cyberattacks targeting both government services and private companies. Among the affected entities was the government’s website.

Deputy Minister Research Nicodemos Damianou said that the hackers attacked the government’s main website, which was offline for a few minutes on Sunday, but added that the authorities coped with the incident successfully and were able to restore it.

Other targets included the Electricity Authority of Cyprus (EAC), Bank of Cyprus, telecommunication company Cyta, and oil company EKO, as well as Hermes.

“Authorities are on high alert and closely monitoring the situation,” Damianou said on Monday.

“We remain vigilant,” he told the Cyprus News Agency (CNA).

The Commissioner of Communications and head of the Digital Security Authority George Michaelides did not confirm whether there had been attempts to steal data and said the hackers’ motives and targets were not yet discussed.

“We believe that any discussion on this specific matter, beyond the generalities, would not help because we verified that the hackers are also monitoring and actively engaging targeted entities on social media,” Michaelides told the CNA.

“One should not wait to be under threat to act proactively. You need to follow security rules and implement security measures. That’s it, there is nothing else.

“Cybersecurity is a risk that concerns each of us. We must start by protecting ourselves and our children,” he added, stressing the importance of applying basic rules such as avoiding unknown links, not accepting emails from unfamiliar addresses, and not opening attachments from uncertain sources.

On the difficulty of identifying threatening cyberattacks before they occur, Michaelides said it is very challenging and rarely happens.

“Even when data or money is stolen, it is rare to identify these individuals and recover the money,” he said, adding that the Digital Security Authority is always vigilant because “there is always something happening”.

Speaking to CyBC, cybersecurity expert Eleftherios Antoniades said it is yet unknown what was the goal of the attacks.

What we can assume is that attacks were carried out in order to ‘test’ the country’s cyber defences,” he said. “It was mostly a show of force, rather than a targeted attack.”

Antoniades added that the level of cyber security within companies and government entities in Cyprus is still dangerously low.

“Some companies might have been targeted without knowing it, because they don’t have the necessary tools in place to even identify a cyberattack.

“Unfortunately, no one can really know when similar attacks can take place,” he said.

Speaking to Alpha morning show, internet security specialist Dinos Pastos described the disruption caused by hackers as a “show of force”, rather than a concrete attack.

According to Patsos, the worst-case scenario would involve the hackers continuing to target multiple sites simultaneously in a more organised manner.

Patsos’ thoughts were echoed later on Monday by the assistant professor of cybersecurity at the European University Yianna Danidou, who said the series of cyberattacks over the past days “may be part of a testing process by the hackers involved, aiming to gather data on how these entities defend themselves”.

“The latest cyberattacks could be a precursor to more significant, unannounced attacks in the future,” she told the CNA.

“Despite the progress made in cybersecurity in Cyprus, there is still much to be done to protect the country’s critical infrastructure.”

Regarding the possibility of identifying the attackers, Danidou acknowledged the difficulties but added that it is not impossible.

“However, it is extremely difficult to track hackers based on IP addresses, especially when dealing with the deep and dark web.

“We shouldn’t only take measures when warned. Sometimes attacks happen without any warning, and we could find ourselves unprepared. Regardless of whether the attacks continue, it is crucial that the protection of critical infrastructure remains a priority,” she said.

After the spate of attacks started, on Saturday communications commissioner George Michaelides warned there may be more to come.