A Rolling Campaign Of Russian Inspired DDoS Attacks

Uploaded on 2024-01-18 in INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--International, FREE TO VIEW

A prolific hacktivist group has launched a series of devastating Distributed Denial-of-service (DDoS) attacks for two years supporting its pro-Russian, anti-Western agenda. According to the latest blog from NetScout the group, which it calls NoName057(16), has conducted over 1,500 DDoS attacks since Russia's failed invasion attempt on Ukraine began in March 2022.

The NoName group has gained notoriety by developing and distributing custom malware, notably the DDoSia attack tool. They are strategically concentrating their efforts on Western nations and NATO members, aligning closely with pro-Kremlin geopolitical interests. 

In fact, Czech Republic, Poland and Spain have endured the highest volume of attacks, while the most targeted industry was critical public infrastructure, namely governmental administration sites, revealing the political agenda and goals of the group.

In terms of attack methodology, the threat actor almost exclusively uses HTTPs-based attack vectors designed to consume targets' bandwidth and resources. 

The DDoSia attack tool works by by over-whelming target sites with many concurrent junk HTTPs requests, with the tool having cross-platform functionality, it is compatible with Windows, Linux, and macOS systems, reflecting a clear attempt by the group to broaden its user base. 

NoName has encouraged ideologically motivated hacktivist volunteers to launch attacks on its behalf by offering digital currency payments to participants in exchange for supplied attack traffic. 

The group has successfully outsourced the growth and maintenance of their attack infrastructure, while at the same time seeking to make it more challenging for defenders to successfully mitigate attacks. 

NetScout:    NetScout:      NetScout:    FINN Partners:      Image: Beebright

You Might Also Read: 

Russia Steps Up Cyberwar Against Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Fujitsu Knowingly Supplied Faulty Data To The British Post Office 
Deepfakes Designed To Mislead Voters »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Checkmarx

Checkmarx

Checkmarx provides state-of-the-art application security solutions with static code analysis software.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

DG Technology

DG Technology

DG Technology is a customer-centric technology expert and business consultant that delivers services and products to minimize your information security, compliance, and business risks.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

Privacy Analytics

Privacy Analytics

Privacy Analytics enables healthcare organizations to unleash the value of sensitive data for secondary purposes without compromising personal health information.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

Approachable Certification

Approachable Certification

Approachable Certification is a UKAS accredited certification body offering down-to-earth and competitively priced audits against ISO Management Systems standards.

The Cyber AB

The Cyber AB

The Cyber AB is the official accreditation body of the Cybersecurity Maturity Model Certification (CMMC) Ecosystem.

Security Weaver

Security Weaver

Security Weaver is a leading provider of governance, risk and compliance management (GRCM) software.

Akito

Akito

Akito was set up to become a point of reference in the ICT market for issues related to Security and in particular Cyber Security.

Intel

Intel

Intel products are engineered with built-in security technologies to help protect potential attack surfaces.

Spyderbat

Spyderbat

Spyderbat ATI closes the manual investigation gap between detection and response by instantly presenting causally connected threat activity to security analysts at the onset of an investigation.

Computer Services Inc (CSI)

Computer Services Inc (CSI)

CSI is a leading fintech, regtech and cybersecurity solutions partner operating at the intersection of innovation and service.

Censinet

Censinet

Censinet provides the first and only third-party risk management platform for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem.

Applied Connective Technologies

Applied Connective Technologies

Applied Connective is one team for all your technology needs, from IT to phones, cyber security to physical security, audio/video and the infrastructure to support it.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.