Since the Russian invasion of Ukraine, pro-Russian hacktivist groups have been targeting critical infrastructure companies, the Federal Bureau of Investigation (FBI) said. However, their success has been limited.
The FBI released a Private Industry Notification (PIN) to help organizations reduce the likelihood and impact of distributed denial of service (DDoS) attacks.
Pro-Russian hacktivists prefer defacing websites and social media profiles. DDoS attacks are generally opportunistic and have a minimal operational impact.
Hacktivists provide tools and guidance on cyber attack methodology and techniques to anyone willing to conduct an attack on behalf of their cause.
“However, hacktivists will often publicize and exaggerate the severity of the attacks on social media. As a result, the psychological impact of DDoS attacks is often greater than the disruption of service,” the FBI PIN reads.
According to the FBI, hacktivists select targets for the perceived impact of an attack rather than for actual disruption of operations. Financial and healthcare institutions, emergency services, airports, and government facilities are high-profile targets.
Recently, the infamous pro-Russian gang Killnet made headlines after it hit major US airports. Killnet’s call to target civilian US infrastructure was followed by a list of 46 websites, mostly those of airports in the United States.
“Hacktivists typically claim responsibility for such attacks on social media to increase their credibility and falsely assert greater impact or disruption than what occurred,” the FBI said.
Hacktivists typically post news media articles covering their attacks, which, according to the FBI, can lead to repeat or copycat attacks on targets that are likely to attract media attention.
Competing hacktivist groups have launched numerous attacks since Russia invaded Ukraine on February 24, with Anonymous, IT Army, Hacker Forces, OneFist, and many others targeting Russia’s state-owned enterprises and businesses.
Meanwhile, pro-Russian groups have carried out DDoS attacks against countries supporting Ukraine, and government websites in Finland, Italy, Romania, Germany, Norway, and Lithuania, as well as websites in Czechia, Latvia, and elsewhere, have come under cyber-fire.
Steps to mitigate a DDoS attack:
- Enroll in a Denial of Service protection service that detects abnormal traffic flows and redirects traffic away from the network.
- Create a partnership with your local internet service provider (ISP) prior to an event and work with your ISP to control network traffic during an event.
- Create a disaster recovery plan to ensure successful and efficient communication, mitigation, and recovery in the event of an attack.
- During and after a DDoS attack, monitor other network assets for any additional anomalous or suspicious activity that could indicate a secondary attack.