The websites of some German airports, financial institutions, and government agencies were targeted with distributed denial-of-service (DDoS) attacks earlier this week. The attacks are believed to be the work of Russian hacktivists. Germany’s Federal office for Information Security (BSI) says that some websites were made unavailable, but there were no service disruptions.
Note
- DDoS attacks have been around for well over two decades; the tactics, tools, and procedures really haven’t changed that much. While airports aren’t typically targets, financial and government sectors have been victims of DDoS attacks in the past. Unfortunately, in this new, frenzied geo-political environment, nation states and their surrogates will take what’s available to them to cause mischief. Every organization should revisit mitigation guidance, such as that published by the Cloud Security Alliance to protect against DDoS attacks.
- As DDoS attacks are becoming more common, don’t assume you, or one of your services, won’t be impacted, directly or indirectly. Actively check that you have countermeasures in place and learn how they are verified. Now go through both your cloud and outsourced services and do the same. Setup a schedule to re-verify this doesn’t change.
- I suspect we will see more attacks on European countries as the war efforts will be protracted. Expect this to go on for years to come.
