Warfare and Geopolitics are Fuelling Denial-of-Service Attacks
The European Union Agency for Cybersecurity (ENISA)’s new report on the Denial-of-Service (DoS) attacks threat landscape finds 66% of DoS attacks are politically motivated.
The analysis is based on 310 verified Denial-of-Service (DoS) incidents during the reporting period of January 2022 to August 2023. However, this total number only represents the incidents gathered from open sources.
A large-scale study is also included of publicly reported incidents. The study focuses on the motivations of attackers, their goals and the socio-political profiles of targets.
DOS attack threat landscape report 2023
Since the beginning of 2022, DoS attacks have turned into a novel and massive threat using new techniques and are fuelled by warfare motivations.
In the last few years, DoS attacks have become easier, cheaper and more aggressive than ever before. The emergence of new armed conflicts around the world acted as fuel to new waves of DoS attacks where newly formed threat actors pick and choose targets without fear of repercussions.
Objective of report:
To provide a better understanding of this type of threat by analysing the motivations and impact of the DoS attacks and raise awareness at the same time by suggesting prevention and remediation recommendations.
The research performed illustrates that most impacted sectors over the reported period covering January 2022 to August 2023 are associated with government services. These attacks stand as retaliation acts triggered by political decisions.
The report highlights that the last few years, DoS attacks have increased in number especially in the public administration and have become easier and more aggressive than before, largely due to geopolitical reasons. The current DoS threat landscape is greatly influenced by the emergence of the recent armed conflicts around the world and especially by the Russia-Ukraine War that fuelled new waves of DoS attacks where recently introduced threat actors select targets without the fear of repercussions.
The study also illustrates that while no sector is exempted from DoS attacks, the government infrastructure has become a preferred target by threat actors that often manage to be successful by causing downtime.
KEY TAKEAWAYS
- The most affected sector was the government administration sector, accounting for receiving 46% of attacks.
- It is estimated that 66% of the attacks were motivated by political reasons or activist agendas.
- Overall, 50% of the global incidents were found to be related to the Russian-Ukrainian war.
- The study shows that 8% of the attacks caused total disruption in the target.
- The analysis of DoS attacks’ motivations and goals is based on the new taxonomy used to classify such attacks based on information publicly available about the attacks the targets for a more systematic analysis approach.
- Warfare is a key gameplayer and organisations would benefit from prevention and remediation strategies.
- Reporting of DoS attacks has not reached the maturity needed to allow for the real extent and impact of such attacks.
A Distributed Denial-of-Service (DDoS) attack DDoS is a subset of DoS attacks. DoS attacks can be distributed which means that they may originate from thousands of sources from all over the world, usually relying on large-scale botnets or proxies.
Further Information
ENISA Threat Landscape for DoS Attacks – 2023
Blogger at www.systemtek.co.uk