Hicham Faik: “Cybersecurity is the Invisible Foundation of Sovereignty”

Hicham Faik: “Cybersecurity is the invisible foundation of sovereignty, stability, and the capacity for influence of a modern state like Morocco, in a context where power is measured as much by digital resilience as by economic or military means.”  

This is how cybersecurity expert Hicham Faik summarizes the stakes for a state like Morocco. In an interview with La Vie éco, he dissects the implications of the recent cyberattack targeting the CNSS.  

Could the cyberattack targeting the CNSS be the work of state-backed actors?

Cyberattacks against critical infrastructure operators (OIV), such as the CNSS, can align with the methods of state or quasi-state actors, particularly in a regional context marked by persistent geopolitical tensions.  

Formally attributing an attack remains extremely complex. However, it is not impossible that certain actors might exploit cyberspace to carry out destabilizing actions. Thus, it is entirely plausible that this attack could have been conducted by a group aligned with regional state interests, as part of a gradual cyber harassment campaign aimed at testing and disrupting the resilience of Morocco’s critical infrastructure.  

That said, no publicly available technical or strategic evidence—such as indicators of compromise, analysis of the attack chain, or identified command-and-control infrastructure—currently allows for definitive confirmation of this involvement.  

Attacks by state-linked groups tend to use advanced persistent threat (APT) techniques, discreet data exfiltration, and sometimes piggyback on conventional criminal campaigns to mask their origin.  

Is there currently no indirect signal or clue pointing suspicion toward regional actors?

In the cyber realm, attributing an attack is a complex exercise. Unlike conventional attacks, where geographic origins and material signatures are more easily traceable, cyberattacks allow for anonymity, false flags, and layered standardized techniques, making attribution challenging.  

It is premature to formally attribute the attack on the CNSS to a specific state or regional actor without strong converging evidence. However, several factors—including the choice of target (a socially impactful OIV), the geopolitical context, and historical patterns of similar attacks observed in the region—justify taking the hypothesis of a geopolitically motivated attack seriously.  

Morocco’s posture in response to this attack should be twofold: strengthen combined technical and geopolitical threat intelligence collection and analysis capabilities, and maintain measured, cautious public communication to avoid diplomatic confrontation without solid evidence.  

Does this attack reveal a new reality: that a successful cyberattack can paralyze a country as effectively as a conventional military strike?

As Morocco has digitized essential services, reliance on information systems has become a defining national reality.  

In this context, a sophisticated cyberattack capable of paralyzing or corrupting these systems is no longer just an IT incident—it becomes a strategic vector of instability comparable to a conventional military attack.  

Digitization, a pillar of Morocco’s Vision 2030, reinforces the absolute necessity of robust national cybersecurity, commensurate with the new vulnerabilities created by this rapid evolution.  

In contemporary hybrid conflict strategies, cyberattacks are seen as a strategic weapon capable of causing national disorganization, economic destabilization, social fracture, or damage to a state’s international reputation.