Hacktivism as Political Protest: DDoS Attacks Target Czech Republic & Spain
DDoS attacks have been democratized by the ability to organize online, develop and share free attack tools and utilize low cost attack services (aka booter/stressers). There is no longer any barrier to entry to express yourself in this form of online protest. As a result, Hacktivism has consistently been one of the top motivations behind DDoS attacks.
We now live in a world where cyber reflections are a reality we must be prepared to deal with,
“Every geopolitical event and social movement now has its reflection in the cyber world, including networks of hacktivists that try to take down websites of entities they disapprove of. In addition to the primary target, they may attack sponsors, suppliers, providers of local infrastructure and services, and anyone loosely connected to what they’re protesting. It’s is a global phenomenon that can affect any organization with an internet presence – all it takes is to be in the wrong place at the wrong time.”
DDoS is one of the most highly visible forms of cyber-attack. With many attacks, the GOAL is to go unnoticed. With DDoS, if attackers are successful, everyone knows in an instant when the targeted website, application or service goes offline.
This week, we have two textbook examples of DDoS and Hacktivism. In the Czech Republic, two election websites were taken down by DDoS attacks. According to the International Business Times, Anonymous has announced a campaign targeting Spanish government websites over the issue of Catalonian independence.
“The website of Spain’s Ministry of Public Works and Transport was hacked to display a “Free Catalonia” slogan, while the homepage of its constitutional court – which ruled the referendum illegal on 17 October – was forced offline on Saturday (21 October).”
Our ATLAS system collects anonymous traffic data from more than 400 customers globally, delivering visibility into approximately 1/3 of all internet traffic. Here is a look at DDoS attacks targeting Spain in the past 30 days:
The data shows that there is nothing significant about DDoS attack frequency on October 21st. In fact, it was a slow day when compared to the previous four-week period.
Let’s take a look at DDoS attack size.
There was a 60.2 Gbps attack on October 21st that lasted for 22 minutes. While certainly a significant attack, when looking at 2017 activity in Spain, we see the biggest attack was 94.4 Gbps. Again, there is nothing especially unusual about this DDoS attack activity.
What this suggests is that DDoS is a serious and persistent problem that can take an organization offline at any time, for any reason. This is now an issue of risk management, and whether your business is willing to take a proactive or reactive stance on DDoS protection. With 6.7 million DDoS attacks so far this year, the question becomes, do you feel lucky?
To learn more about Hacktivism and the DDoS threat landscape, download Arbor’s 12th annual Worldwide Infrastructure Security Report (WISR).