Over the past several years, the South Caucasus has become one of the most vulnerable regions in terms of cybersecurity. Rising geopolitical tensions, the rapid digitalization of the economy, and the involvement of external actors have turned cyberspace into a full-fledged extension of regional conflicts. In this context, Armenia has emerged as one of the most exposed states, where cyber threats have acquired a systemic and strategic character.

The nature of cyberattacks against Armenia has undergone a qualitative transformation in a short period of time. Whereas in the mid-2010s these activities largely consisted of primitive hacks and acts of digital vandalism, since 2020 there has been a clear shift toward highly organized operations involving elements of espionage, destabilization, and hybrid warfare.

During the escalation in Nagorno-Karabakh in 2020, cyberspace became a parallel theater of confrontation. According to international research institutions, state-grade commercial spyware, including Pegasus and Predator, was used in Armenia against journalists, human rights defenders, and government officials. These cases demonstrated that cyber tools had become an integral component of political and military pressure.

By the mid-2020s, the focus of threats had shifted. In 2024, Armenia faced a series of coordinated attacks targeting government resources and elements of critical infrastructure. DDoS attacks, intrusions into government websites, and attempts to disrupt telecommunications networks became increasingly frequent.

According to expert assessments, the scale, coordination, and timing of these attacks point to a high level of organization and clear political motivation. This coincided with growing tensions in Armenia’s relations with its traditional allies, giving rise to discussions of a new “digital front”.

Armenia began developing its cybersecurity regulatory framework as early as 2020, adopting a National Security Strategy and a dedicated Cybersecurity Strategy. However, a decisive step was taken in 2025 with the adoption of a new Law on Cybersecurity, largely aligned with the European NIS2 Directive.

The law introduced a clear legal definition of critical infrastructure and granted the state authority to impose mandatory cybersecurity requirements on the banking sector, energy systems, and telecommunications operators. Nevertheless, international assessments remain cautious: according to the International Telecommunication Union (ITU), Armenia is classified as a developing country in terms of cyber resilience, lagging behind several of its neighbors.

Responsibility for policy implementation is shared among multiple institutions, including national security services, the cyber police, the national incident response team CERT.AM, and relevant government bodies. At the same time, much of the burden of protecting critical infrastructure falls on the private sector, creating additional vulnerabilities.

Information security expert Artur Papyan characterizes the current situation as a transition to an entirely new level of threats:

“If earlier this was mostly ‘vandalism’ carried out by amateur hacker groups, today we are dealing with a high-tech hybrid war”.

According to Papyan, in 2024–2025 hybrid attacks combined spyware, AI-assisted phishing, DDoS campaigns, and infrastructure-related threats. The sources of these attacks are predominantly transnational, significantly complicating investigation and response efforts.

Despite the establishment of a legal framework, implementation remains the key challenge. Experts point to shortages in skilled personnel, technical capabilities, and preventive capacities.

“Policy will only be effective when the relevant institutions have sufficient resources not only to respond to attacks, but also to prevent them”, Papyan notes.

The protection of citizens remains another weak point. Large-scale financial fraud, investment scams, and phishing attacks continue to grow steadily, with a significant proportion of crimes committed from abroad, sharply reducing the effectiveness of law enforcement mechanisms.

Alongside technical threats, an intense information confrontation is unfolding. International human rights and monitoring organizations have documented the systematic spread of disinformation related to biological security, external governance, and military projects, contributing to societal polarization and undermining trust in state institutions.

The rapid development of data centers and AI infrastructure is turning Armenia into a regional digital hub. The deployment of large-scale computing capacity strengthens technological sovereignty but simultaneously increases the country’s attractiveness as a target for cyber espionage and sabotage.

Cybersecurity expert Samvel Martirosyan emphasizes:

“Data centers themselves are rarely targets. The real targets are the specific companies and data hosted within them”.

Nevertheless, the concentration of critically important computing resources objectively requires a higher level of protection and enhanced international coordination.

Armenia is consistently aligning itself with Western cybersecurity standards, expanding cooperation with the EU, Interpol, and NATO within partnership frameworks. At the same time, demand for skilled professionals is growing: the technology sector has become one of the main drivers of economic growth, while large-scale infrastructure projects are creating the need for hundreds of cybersecurity specialists.

Armenia is effectively on the front line of regional cyber confrontation. The experience of recent years demonstrates that cyber threats have ceased to be a secondary issue and have become an independent pillar of national security.

Future resilience will depend on the state’s ability to build a comprehensive system: strong institutions with real authority, effective public–private partnerships, sustained investment in human capital and education, and international cooperation while preserving digital sovereignty. Without this, the digital front line will remain one of the country’s most vulnerable areas.

Journalist,

Marine Kharatyan

#ARMENIA

21.01.2026 03:29