Global Reach of Pro-Russian Cyber Warfare
Even before Russia invaded Ukraine on February 25, DDoS attacks on government institutions, banks, and infrastructure around the world had already started to escalate.
After the invasion, these attacks skyrocketed, with a 450% increase from Q1 2021 to Q1 2022.
With increasing numbers of attacks related to the Russo-Ukrainian conflict, a couple of trends have emerged.
Patriotic DDoS attacks are now spreading globally
Pro-Russian groups have successfully launched DDoS attacks that extend far beyond the Russian-Ukrainian borders. Killnet has gained the most momentum in this political climate, with its primary motivation for launching these attacks to return honor to Russia and its people.
First, attacks have spread to neighboring countries in the Baltic region, such as Lithuania and Estonia. Killnet took responsibility for attacks in Lithuania, claiming they were a response to the trade restrictions imposed on the Baltic exclave of Kaliningrad and an EU sanction against Moscow.
The Nordic region is experiencing increased attacks as many of the countries prepare for acceptance into NATO. Latest DDoS attacks include the Finnish parliament website, the Norwegian Labour Inspection Authority website, a Swedish supermarket chain, and the Stockholm public transport website. In September, the Swedish election authority was hit by a DDoS attack during the general election.
Killnet is also believed to be responsible for DDoS attacks across Japan, as the country has taken a sympathetic stance towards Ukraine. As of late, Japan’s electronic government website has suffered downtime intermittently for several days. The attacks also hit 20 additional government websites, including the Internal Affairs and Communications Ministry, the Education, Culture, Sports, and Technology Ministries, and the Imperial Household Agency. On September 6th, a DDoS attack hit the Nagoya Port Authority, shutting its website for almost an hour.
Last week DDoS attacks even reached the U.S, hitting the websites of several major US airports in Chicago, Atlanta, Denver, Orlando, and Phoenix.
The severity of DDoS attacks is hitting an all-time high
With global DDoS attacks more intense than ever, the cyber protection of governments around the world are becoming overwhelmed.
According to government sources, early attacks on Ukrainian-state banks were reported as some of the most powerful the country has dealt with on their websites.
In Lithuania, the state-owned Ignitis energy company – one of the region's largest energy companies – was hit by multiple DDoS attacks that interrupted both its digital services and websites. The company reported the attacks to be the most significant cyberattack launched against it in the past decade.
Estonia also faced what its under-secretary for digital transformation at Estonia’s Ministry of Economic Affairs and Communications claimed to be “the most extensive cyberattack since 2007.” These attacks came after it started to remove Soviet-era war monuments from public areas in support of Ukraine. The strength of this attack is especially significant since the small country ranks a cyber defense infrastructure that is the third best in the world, behind the US and Saudi Arabia.
The DDoS attack that Sweden suffered on its public transport website was also reported to be one of the biggest in years.
No Signs of DDoS Attacks Disappearing Anytime Soon
Experts predict that DDoS attacks will only intensify and spread further as the war in the region continues.
Government institutions, financial services, and key infrastructure worldwide can defend against DDoS risk by ensuring they can continuously test tens of thousands of attacks against each attack vector across live production environments with zero operational downtime. In addition, prioritized remediation plans should be put in place and validated to eliminate vulnerabilities and guard against increased global DDoS threats.