Updated on 2022-11-08: FBI Warns of Hacktivist Activity
The US Federal Bureau of Investigation (FBI) has published a Private Industry Notification warning that hacktivists are launching distributed denial-of-service (DDoS) attacks. The document includes recommendations for mitigating the effect of the attacks. Targets have included financial institutions, emergency services, airports, and healthcare-related facilities.
Note
- The bulletin covers areas we’ve talked about before, which you should be following. To that list I would add making sure that you’ve enabled DDoS protections on your boundary, to include both your firewall and WAF. Also look at reporting discovered attacks, not just because you may have a regulatory requirement, but also to give agencies like the FBI and DHS/CISA information to go after the source.
Read more in
- FBI: Russian hacktivists achieve only ‘limited’ DDoS success
- FBI warns of politically motivated hacktivist activity, DDoS attacks in alert
- Hacktivists Use of DDoS Activity Causes Minor Impacts (PDF)
Overview: FBI makes fun of pro-Russian hacktivists
In a PIN alert [PDF] on Friday, the FBI warned about a rising wave of DDoS attacks carried out by pro-Russian hacktivist groups but urged companies to stay calm and not panic as these attacks are mostly ineffective.
“These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media. As a result, the psychological impact of DDoS attacks is often greater than the disruption of service.”
