Radware Report Sees Religion Fueling More DDoS Attacks
A report published by Radware found that, in two months alone, hacktivists claimed to launch more than 1,800 distributed denial-of-service (DDoS) attacks in the hopes of advancing various political and religious causes.
The analysis of claims made on social media sites from February 18, 2023 until April 18, 2023, noted that while hacktivism surged at the beginning of the war in Ukraine, there are still more DDoS attacks being launched by religious groups.
Pascal Geenens, director of threat intelligence for Radware, said groups affiliated with Muslim causes have been especially active, with Anonymous Sudan, Mysterious Team and Team Insane PK, for example, ranking among the top four groups making DDoS claims. These four were followed by NoName057(16), a group of pro-Russia hacktivists that counted for 30% of all threat actors claiming credit for DDoS attacks.
It’s difficult to conclusively verify such claims but, oddly enough, the notorious pro-Russia hacktivist group Killnet did not make the top 15 of the list compiled by Radware, noted Geenens. It’s also not always easy to ascribe a motive for an attack, given that political and religious agendas are often indistinguishable.
In the longer term, organizations should assume that the number of DDoS attacks they’ll face will only increase either directly or as collateral damage from being associated with one issue or another. Organizations operating in a particular country might find themselves subjected to DDoS attacks because of political or issues that they are only tangentially involved in, said Geenens.
In addition, some of the groups that launch these attacks are now hiring out their services to the highest bidder, much like any other mercenary army, he added. There may soon come a day when the launching of DDoS attacks becomes democratized—much as ransomware attacks are enabled by almost anyone using a ransomware-as-a-service (RaaS) platform, noted Geenens.
The types of DDoS attacks will also vary. Organizations not only need to be able to combat micro floods of attacks, but there are also more hyper-volumetric DDoS attacks as more internet-connected devices are either compromised or voluntarily made available by individuals that are sympathetic to a cause, he noted.
Regardless of the type of DDoS attack, DDoS attacks are becoming more commonplace simply because they have become much simpler to launch. All that’s required is a coalition of the willing to make resources available in the same way supporters of Ukraine have made infrastructure resources available to the Ukrainian IT Army. But instead of lending those resource to combat cyberwarfare, the next just cause could be much more mundane as activists around the world copy the DDoS attack playbook created by supporters of Ukraine.
Cybersecurity professionals will, of course, find themselves caught in the middle. However, no matter how well-intentioned, commandeering infrastructure resources to launch a DDoS attack is still a crime. Unfortunately, it’s also difficult to identify, capture and prosecute the purveyors of these attacks. For the foreseeable future, it’s going to be up to cybersecurity teams to defend their organizations from DDoS attacks that are becoming more prevalent around the globe.
