Weaponizing DDoS Attacks in the Fog of War


There are many ways to fight an enemy. In past conflicts, “resistance” forces have often severed communication lines and rail lines to hobble an enemy. Today, battles can also be fought with cyberattacks that disrupt communications and business operations. The past month has seen plenty of news about cyber warfare between Ukraine and Russia. Pro-Russia hackers have reportedly launched Distributed Denial of Service (DDoS) attacks against several key Ukrainian sites, including Ukraine’s Defense Ministry, the Armed Forces of Ukraine, and some state-backed banks. Some pro-Ukrainian individuals and groups around the globe have reportedly been launching DDoS and other types of cyberattacks on Russian sites.

The Guardian reports that amateur hackers have risen to defend Ukraine by attacking Russian networks. Not surprisingly, the hacktivist group Anonymous has claimed responsibility for several of these attacks, including those on the Russian Federal Security Service (aka FSB, the principal security agency of Russia), Stock Exchange, Analytical Center for the Government of the Russian Federation, and Ministry of Sport of the Russian Federation.

There is a saying, “All is fair in love and war,” from the novel The Relapse, or Myrtle Bank, 1789. The fog of war is difficult enough, but when freelance cyber warriors enter the fray with cyber warfare, the waters get even more muddied. It is a good time to ask the question: “What could go wrong?” In other words, could there be unintended consequences? As members of the Washington Post editorial board opined on March 19, “Who’s accountable, though, if civilians do get hurt?” Furthermore, if some hacktivists launch an attack that Russia labels “an attack from the West,” it could backfire on Ukrainian allies because the Russian government (or other influencers) could point to those attacks as a reason to seek revenge against Ukraine and her allies.

Damaging DDoS attacks are increasingly easy and inexpensive to launch, including for budding cyber vigilantes. And the theatre of war is giving these actors a space to hone their skills and sharpen their attacks. Unfortunately, it is all too easy for bad actors (acting as lone warriors or nation-state agents) to launch a large, volumetric DDoS attack on critical infrastructure — such as a hospital, subway system, stock market, or a power grid — with the potential to impact hundreds of thousands of innocent people.

These reports of cyber warfare should serve as a sobering reminder to ordinary organizations around the world that DDoS attacks are not only weaponized in international conflicts; they also happen to normal organizations, every day, regardless of heightened geopolitical tensions. And, given the current geopolitical tensions, critical infrastructure organizations (financial, government, energy, etc.) should review their DDoS defense systems, plans and policies, and make sure they have considered the need for always-on, automated, real-time DDoS mitigation.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments.

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s previous roles include network security Global Product Manager for Cisco, which he joined as part of its acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.