DDoS | Business Upturn

Iranian hackers target 2024 US Elections

Eesha Chakraborty — Fri, 23 Feb 2024 17:24:08 +0000

The 2024 US elections, already brimming with political tension, face a potential cyber threat from Iran, according to a recent report by cybersecurity firm CrowdStrike. With a history of interference in US political events, Iran’s state-sponsored hackers are suspected to be planning similar disruptive tactics in the upcoming elections.

CrowdStrike, renowned for its expertise in combating cyber threats, specifically points towards the Islamic Republic’s history of meddling in US political affairs. The report meticulously details past instances, including the late 2020 Information Operations campaign, where Iranian actors unleashed a multifaceted attack. This involved sending intimidating emails to voters, impersonating a far-right US group and swaying their votes. Additionally, they disseminated fabricated videos alleging ballot tampering, aiming to sow distrust in the electoral system.

The report further predicts that these tactics, along with Distributed Denial-of-Service (DDoS) attacks and website defacements, are likely to resurface in 2024. These malicious activities have historically targeted state and local government entities, aiming to disrupt election infrastructure and sow chaos.

Furthermore, the report highlights a concerning trend observed in the latter half of 2023. “Iran-nexus adversaries” and Middle Eastern hacktivists were observed aligning their cyber operations with the kinetic operations stemming from the Israel-Hamas conflict. This suggests a potential escalation of cyber activities in the wake of geopolitical tensions, raising concerns about the 2024 US elections being collateral damage.

CrowdStrike’s warning echoes similar concerns voiced by Microsoft earlier this month. The tech giant identified Russia, Iran, and China as potential actors aiming to influence the upcoming elections in the United States and other countries.

Hacking groups target Israel in coordinated cyberattacks

Eesha Chakraborty — Thu, 15 Feb 2024 16:03:36 +0000

A surge of cyberattacks has swept across Israel by hacking groups including Anonymous Sudan, KillNet, and the Moroccan Black Cyber Army. This coordinated “cyber war” by the perpetrators, presents a significant threat to the nation’s digital infrastructure and underscores the evolving landscape of conflict in the digital age.

The motivations behind this campaign appear intertwined with the ongoing Israel-Hamas conflict. Pro-Palestinian sentiment fuels the actions of some groups, like Anonymous Sudan and the Moroccan Black Cyber Army, who have expressed solidarity with Hamas and opposition to Israeli policies. KillNet, a group with suspected ties to Russia, likely adds another layer to the equation, potentially leveraging the opportunity to advance Russian interests or demonstrate their capabilities.

The targets of these attacks range from crucial public services like Israel’s largest public transportation company, Egged, to government websites and media outlets. While the reported tactics primarily involve Distributed Denial-of-Service (DDoS) attacks aimed at disrupting online services, concerns linger regarding potential website defacement or data breaches. While temporary disruptions have been reported, the overall impact on critical infrastructure appears limited for now.

This incident highlights the increasingly prominent role of cyber warfare in geopolitical conflicts. Furthermore, the spillover effects of cyber warfare raise concerns for civilians caught in the crossfire. Disruptions to critical infrastructure like transportation or communication networks can have a real-world impact on people’s lives, exacerbating existing hardships. The potential for data breaches or manipulation of information further adds to the risks, highlighting the need for robust cybersecurity measures and responsible behaviour from all actors involved.

In conclusion, the recent cyberattack on Israel catalyzes strengthening global cybersecurity measures. While the immediate impact appears limited, the attack sheds light on the pervasive vulnerabilities within our digital infrastructure and the escalating sophistication of cyber warfare.

3-fold increase in DDoS attacks amid COVID-19 pandemic

Anjana Krishna — Thu, 13 Aug 2020 13:51:21 +0000

The second quarter of the year saw a 3-fold increase in distributed denial of service attacks since last year according to a report published by security firm Kaspersky. DDos attacks had spiked this year after the commencement of lockdowns across countries.

The pandemic induced work-from-home situation had seen an increase in targeted ransomware attacks and experts warn that the DDoS attacks could also be because of the same.”The number of attacks Kaspersky DDoS Protection detected and blocked in Q2 2020 is 217% higher than in the same period of 2019,” the company said in a press note. Cybercriminals find it easier to attacks home networks compared to secured office networks and are using this to their advantage. The first quarter of the year also saw the same number of DDoS attacks. Usually DDoS attacks peak during the first month of the year, when business is in full swing and lessen towards April but this year has been an exception. People are spending more time online and using online resources in lockdown which has been putting them at risk.

Educational and governmental institutions were reportedly targeted the most in the second quarter. The most affected regions are China (65.12%), the United States (20.28 %) and Hong Kong (6.08%). SYN flood remains the main DDoS attack tool (94.7 %), while ICMP attacks accounted for 4.9 %.