Posted on November 9, 2022 at 6:38 AM
Hacktivists Are Targeting Critical Entities With DDoS Attacks, The FBI Warns
The Federal Bureau of Investigation (FBI) has warned that organizations should act decisively to proactively implement distributed denial-of-service (DDoS) attack defenses amidst a series of hacktivist assaults. However, the agency says the incidences by the hacktivists have not had any meaningful impact so far.
DDoS attacks are one of the rampant forms of attacks where threat actors seek to overload network resources to render the target inaccessible. The attacks involve directing a large amount of network traffic to the same system to deliberately render it incapable of responding to genuine traffic requests.
Hacktivists are known to have carried out DDoS attacks and other cyber operations during high-profile political, and world events. The FBI believes such hacktivists engage in threatening action in support of political, ideological, or social causes.
Russian-Ukraine War Linked To Increased DDoS Attacks
The invasion of Ukraine by Russia is one such geopolitical issue that hacktivists try to explore and use as a trigger for their activities. The war triggered pro-Russian hacktivists that launched an incessant amount of DDoS attacks targeting vital infrastructure organizations, although on limited access.
In its alert, the FBI noted that the hacktivists provide the necessary tools to individuals or groups willing to launch cyberattacks according to their cause. These individuals take instructions from the cyberattack techniques while attacking their targets.
The FBI says that the hacktivists prefer using DDoS attacks on public-facing websites, as well as on web pages and social media profile defacement. The attacks are usually opportunistic, according to the agency. They also limit operational impacts on their targets because most times the attacks are delivered as a form of warning to the victims.
Most of the hacktivists involved in DDoS attacks are using a less sophisticated technique as they try to claim responsibility for the attacks. But the hacktivists usually publicize the attacks and exaggerate their impacts to score points and draw admiration from their peers.
The DDoS Attacks Lead To More Psychological Impacts
The bureau says their actions generally lead to a psychological impact that is higher than the usual disruption of service it has caused. Also, many hacktivists are always choosing their targets according to the perceived impact rather than actual service disruption. This means that they are selecting the targets that will be more publicized. These include high-profile financial institutions, health, transportation, and government agencies.
The bureau added that the threat actors can use open-source DDoS tools and services to cause disruptions and deface the public-facing website. They take pride in any disruptions they have caused as they like posting news coverage of their results. Most times, they are quick to claim responsibility for the attack as it will see them as being effective in their hacking activities.
These sometimes lead to copycats targeting the same organizations based on the media coverage they receive.
To protect against such attacks, the FBI has recommended that organizations should enroll in a DDoS protection service and liaise with ISP during an attack on their systems. Additionally, they are required to implement a disaster recovery plan that will efficiently respond to an attack and monitor assets during a DDoS assault. The mitigation plan is also vital to identify secondary assaults and prevent any further disruptions that may arise from the same attack.
Escalated DDoS Attacks Linked To Russia-Ukraine Conflict
The FBI alert on DDoS attacks comes when Americans are going to the polls to elect Congress members.
The FBI advisory coincides with Microsoft’s advisory in its Digital Defense Report 2022. It revealed that the number of nation-state attacks on critical infrastructure surged from 20% to 40% this year. The tech giant also stated that the rise in attacks on critical infrastructure is linked to the Russia-Ukraine conflict.
Kaspersky security explained in a blog post on Monday that most of the DDoS attacks in the third quarter of 2022 have been politically motivated. Killnet pro-Russian group took responsibility for the series of attacks in the U.S., Lithuania, Japan, and Estonia. The attacks also included those that disrupted the airport websites and attacks on the U.S. Electronic Federal Tax Payment System. Following the attacks, the pro-Ukrainian hacktivists launched their counterattacks, targeting Russian resources and media outlets in the process.
There have been other DDoS attacks that were motivated politically, which have affected entities in Eastern Europe, Israel, Kazakhstan, and other places. Taiwan was also targeted during the visit of U.S. Speaker of the House Nancy Pelosi.