In 2025, several significant cybersecurity related events occurred in Armenia.
First of all, it is important to note that Armenia has finally adopted the Law on Cybersecurity and other related legislation, which is expected to bring significant changes. However, the implementation of this new legislative package will begin next year. Let’s acknowledge this significant qualitative change and reflect on it in the upcoming year.
Another key factor is the upcoming 2026 parliamentary elections, which are already delivering a noticeable impact. These elections should be viewed in the context of broader geopolitical processes surrounding Armenia. The electoral process tends to heighten the interest of foreign intelligence services in Armenia. What can we already observe in this regard?
There has been a notable increase in hacker attacks targeting non-governmental organizations and the media sector. These attacks take various forms. For instance, at CyberHUB, we have observed several attacks targeting Signal Messenger accounts. You can find examples of these incidents linked here, here, and here.
The attacks are varied, and additional tools are also used; more can be found at the links provided here, here, and here.
Although it is not always possible to identify the attackers, some of the aforementioned incidents contain evidence suggesting that state structures of the Russian Federation have an interest in Armenian civil society. The question can arise as to why civil society organizations are frequently targeted. In fact, they are among the most targeted organizations globally, second only to state institutions. This occurs for two main reasons: first, these organizations possess valuable, specific information about their country and society; second, they generally have fewer digital security resources compared to state institutions.
Surprisingly, in 2025, the number of infections from the Pegasus spyware in Armenia unexpectedly fell to zero. Let’s not forget that between 2020 and 2023, Azerbaijani special services extensively utilized this spyware to target state institutions, civil society, and the media in Armenia. The sudden disappearance of Pegasus raises questions: what could have caused this change? It is possible that Azerbaijan has found a new supplier of spyware or is acquiring intelligence information from Armenia through other means.
In general, criminal activity and fraud have increased over time in Armenia, particularly cyberattacks. While the overall methods used have not changed significantly from the previous year, there are notable developments in several aspects.
a.The overall number of attacks is increasing, as Armenia appears to be an attractive market for counterfeiters.
b. There has been an increase in attacks utilizing artificial intelligence, such as the creation of fake videos. This rise in AI-driven fraud can be attributed not only to the increased activity of fraudsters but also to the fact that this year AI tools have begun generating high-quality Armenian-language audio content.
c. Malicious programs targeting Android phones are used more frequently to attack Armenian banks and electronic wallets.
In conclusion, 2026 is likely to see an increase in cyberattacks. With elections approaching and the overall rise in global cybercrimes, this trend is expected to continue. Cybercrime has become a significant component of the world’s shadow economy.
