DDoS Threats: The Fifth Dimension of Warfare

DDoS Threats: The Fifth Dimension of Warfare

Over the years, countries have engaged in battles across air, sea, land, and even space. However, with the growth in digital and cloud technologies, the internet has become another major battlefield used for launching attacks that cripple services and paralyze communications across entire countries. We’re calling this the fifth battle dimension and it can bring entire nations to a halt. Nowadays, many attackers strategically choose online services belonging to government bodies, communication networks, and financial institutions to launch attacks on, choosing easy to launch attacks such as Distributed Denial of Service (DDoS). This is an easy choice causing downtime and disrupting services easily.

Highlighted Fifth-Dimension DDoS Attacks    

A classic example of the DDoS global threat can be witnessed in the May 2021 incident, when a large-scale DDoS attack brought several organizations in Belgium, including the government and parliament to a stop. By overwhelming them with bad traffic. In February 2021, the Secret Service of Ukraine came under a DDoS attack. The website faced several technical interruptions and struggled to mitigate the attack.

Additional Known DDoS Attacks on Governments in 2021 Include:

Date of attack

Country

Duration of Attack

Companies affected

Comments

16-Jul

Russia

1 Hour

Russian Defense Ministry

Claimed to be the work of a foreign cyberattack.

9-Jul

Ukraine

NA

Defense Ministry portal

The portal has been DDoS’ed several times.

14-May

Ireland

1 Day

Health Service Executive (HSE)

DDoS attacks forerunner for a larger ransomware attack.

10-Mar

Philippines

6 Hours

Philippine government website Gov.ph

The website showed an ‘internal server error message.

8-Mar

Italy

1 Day

Italian Lower House of Parliament

The attack brought the website down.

18-Feb

Ukraine

Several Days

Security Service of Ukraine

Technical interruptions and struggle to repel the attack.

14-Feb

Holland

NA

Dutch politician Kati Piri’s website

The politically motivated attack shut down the website.

5-Feb

Russia

1 Day

Russia’s National Guard (Rosgvardiya)

A 3-hour intensive attack was launched from abroad.

17-Jan

Russia

2 Hours

Russian Federal Penitentiary Service

Attacks caused slowdown and connectivity issues.

 

Quick Look: DDoS trends in Q1'21

2020 DDoS Attacks

Date of attack

Country

Duration of Attack

Companies affected

Comments

22-Nov

Uganda

24 Hours

Uganda Police Website

The Anonymous group said this was a response to political upheavals in Uganda.

15-Nov

Brazil

NA

TSE (Tribunal Superior Electoral)

The attack slowed down the online services.

6-Oct

USA

7 Hours

Florida Department of State website

1.1 million visitors an hour crashing the site.

2-Sep

New Zealand

NA

MetService

Intermittent attacks caused the site to go down.

11-Aug

Iran

NA

People’s Mojahedin Organization of Iran

Website and servers overwhelmed making it inaccessible.

9-Aug

Belarus (E.Europe)

2 Days

Central Election Commission, State Security Committee (KGB), and the Interior Ministry

On election day, attacks launched depriving access.

20-Jul

North Macedonia

Several Hours

Interior, Health, and Education Ministries

Government sites crashed to coincide with elections.

15-Jul

North Macedonia

> 3 Hours

North Macedonia’s State Electoral Commission

Delayed announcement of voting results

2-Jun

Ukraine

N/A

Office of the President of Ukraine

The attack targeted the websites of the Office of the President of Ukraine.

31-May

US

Several Days

Minnesota State’s Networks

State information systems are overloaded during a crisis situation.

26-May

Russia

 NA

United Russia Party

Attacked when launching the remote primary electoral contest to choose party candidates.

6-May

Ukraine

Not Mentioned

Ukrainian Government

The majority of attacks are directed at the website of the President’s Office.

1-Apr

Europe

1 Day

Italy’s Social Security website

The attack during the Coronavirus payout.

 

How To Win The DDoS Battle                                                                                                                                            

As DDoS attacks become increasingly complex and quick, there is limited time for current DDoS mitigation systems to react. It is imperative to detect and close all ongoing DDoS vulnerabilities, before an attack, to empower mitigation solutions to respond in the fastest possible way with minimal manual intervention.

 

Introducing RADAR™ – Detecting Open Vulnerabilities In Real-Time

Working with any mitigation solution installed, RADAR™ offers superior DDoS coverage and automated DDoS protection. RADAR simulates over 100 attack vectors with all public-facing IPs 24/7, giving real-time visibility to all DDoS vulnerabilities with no downtime.

How RADAR™ Works

RADARclearly identifies the attack surface risks (DDoS vulnerabilities) automatically as they are generated across live production web-facing IPs. Then it prioritizes the vulnerabilities by the number of targets found prone to and details the nature of those vulnerabilities through unprecedented information. This information enables proper mitigation and remediation setup. Once the remediation is completed RADAR™ validates the remediated vulnerabilities ensuring the remediation process was successful.

Benefits of RADAR™ for Governments

  • Operational Continuity – DDoS tests are designed to identify basic vulnerabilities in DDoS mitigation posture and are run without disruption to government websites. This ensures that government sites will continue to always function normally, irrespective of whether there are elections or political upheavals.
  • Data-Driven Protection – Reports are generated representing the number of connections per second sent by MazeBolt’s simulation cloud, with the corresponding number of connections per second that bypassed the setup. The reports empower IT personnel to remediate the vulnerability gaps in real-time and reduce the risk of DDoS attacks at all times.
  • Security at All Times – RADAR™ highlights the most important DDoS vulnerabilities in the mitigation apparatus and/or architecture, allowing security personnel to make the least amount of changes. At the same time making the biggest impact in strengthening the IT infrastructure against DDoS attacks. Since it works continuously and non-disruptively, government sites are always available irrespective of the political changes or upheavals that could be taking place.
  • Reduce the Workload of In-House IT Staff – As a result of the inherent weakness in existing mitigation solutions, the IT staff are pulled into action after an attack has occurred. This results in the staff being taken away from their regular activities to identify and mitigate DDoS attacks. Since RADAR™ prevents attacks, the workload of mitigating attacks is non-existent. IT teams are spared from sudden, stressful mitigation activities and can continue to focus on their day-to-day activities.

About MazeBolt

Israel-based MazeBolt is an innovation leader in cybersecurity, with over two decades of experience in pioneering DDoS protection solutions. The company’s new flagship product, RADAR™, is a patented, new technology. It offers DDoS protection through automated DDoS simulations on live production, with zero downtime. Working in conjunction with any mitigation solution installed. Its unique capabilities have ensured business continuity and full DDoS security posture for enterprises worldwide including Fortune 1000 & NASDAQ-listed companies.

Learn more about RADAR Technology

By admin