Politically motivated cyber attacks are on the rise, putting our elections at risk

Politically motivated cyberattacks are on the rise, putting our elections at risk

Netscout found that DDoS attacks rose 15% in the second half of 2023 compared to the first half.

BY Chris Stokel-Walker

More than 7 million distributed-denial-of-service (DDoS) attacks were launched in the last six months of 2023—and an increasing number of them are politically motivated, a new new analysis finds.

The cybersecurity defense services provider Netscout tracked the sectors in which victims worked, and the time at which they were attacked. It found that DDoS attacks rose 15% in the second half of 2023 compared to the first half. Many were politically motivated; it also determined that most of the cyberattacks traced back to a handful of bad actors.

“The months leading up to the biggest election year to date have seen a shift in the global cybersecurity landscape towards a trend of politically motivated DDoS attacks,” says Richard Hummel, threat intelligence lead at Netscout. And some individual actors, supporting state interests, were behind many of those incursions. 

“An unprecedented number of attacks were launched by hacktivist groups such as NoName057(016) and Anonymous Sudan, targeting opponents for geopolitical causes, as well as waging political and religious war against any nation or official that stands in the way of their ideals,” says Hummel.

NoName057(016) topped the list of DDoS adversaries in 2023, targeting 780 websites across 35 countries, according to Netscout’s data. NoName057(016), Anonymous Sudan, and the group Killnet have also all taken credit for DDoS attacks in Ukraine, Russia, Israel, and Palestine, targeting communications infrastructure, hospitals, and banks.

Hummel says NoName057(016) appears to be affiliated with Russia—or at least, says that the attackers appear to have an affinity with the country. “These groups target countries that express support for Ukraine—in line with their pro-Russian agenda,” he says. (Killnet has also been linked to Russia.)

Ahead of Spain’s general election last year, NoName057(016) swamped a number of websites in the country with overwhelming volumes of web traffic and damaged government platforms, including attempted attack on the country’s electoral commission. “[The attackers were] citing the incumbent Spanish government’s support of Ukraine in the ongoing Russia-Ukraine conflict as their motive,” he says.

Poland also saw a surge in DDoS attacks by NoName057(016) following the swearing-in of its new prime minister, Donald Tusk, who’s been supportive of Ukraine.

Beyond Ukraine, other countries around the world experienced an uptick in incidents last year following major political or geopolitical events. Peru saw a 30% increase in attacks tied to protests against the release of its former president, Alberto Fujimori, despite an outcry of human rights violations during his autocratic rule.

Hummel only expects to see more politically linked cyberattacks as the world sees a slate of elections in the coming months. “Cybercriminals will attempt to cause maximum disruption by launching attacks throughout these election campaigns, as well as following the event,” he says.

 

 

ABOUT THE AUTHOR

Chris Stokel-Walker is a freelance journalist and Fast Company contributor. He is the author of YouTubers: How YouTube Shook up TV and Created a New Generation of Stars, and TikTok Boom: China’s Dynamite App and the Superpower Race for Social Media. 


Fast Company

(20)