Hacking groups are continuing to launch cyberattacks on Russia as a show of solidarity with Ukraine—whose military intelligence agency reportedly conducted an operation of its own against Russia-occupied Crimea—as the conflict between the countries continues.
RBC-Ukraine reported that Ukraine "carried out a large-scale special operation targeting the occupation authorities in Crimea" that culminated in "a powerful DDoS attack [that] effectively paralyzed the information systems and network infrastructure in Crimea."
Although there are exceptions, like when someone finds a way to send dozens of terabytes of traffic per second to a single target, distributed denial-of-service (DDoS) attacks usually aren't very sophisticated. They simply bombard their target with too much traffic for it to handle.
But sophistication is not a prerequisite for effectiveness—especially when a DDoS attack causes enough of a distraction for Ukraine to steal a reported 100TB of data from other targets before "[wiping] all data stored on the servers of regional and district government bodies, ministries, and agencies of the occupation administration in Crimea," per RBC-Ukraine.
This combination of a DDoS attack and another operation is so common that it can make responding to a DDoS attack more complex than simply mitigating the immediate service disruptions. Organizations also have to determine if the DDoS attack is merely a distraction, like it was here, and if so, what exactly it was supposed to be distracting them from.
That puts organizations in a lose-lose situation. Assuming that a DDoS attack is a distraction means they have to devote resources to figuring out if something else is happening in addition to mitigating the DDoS itself; assuming that a DDoS attack isn't a distraction means they might not notice the signs of a larger operation until it's too late.
Ukraine's military intelligence agency wasn't alone in carrying out destructive cyberattacks against Russia. The Kyiv Independent reported that the Silent Crow and Belarusian Cyber Partisans hacking groups conducted a similar operation against a Russian airline called Aeroflot.
Aeroflot reportedly had to ground "dozens of flights to and from Moscow" on July 28 due to "a massive malfunction in its information system." Silent Crow was quick to claim responsibility, claiming that it "completely destroyed the company's IT infrastructure" after a year of preparation.
These attacks both arrived shortly after a joint operation from Ukraine's military intelligence agency, the Ukrainian Cyber Alliance, and BO Team reportedly wreaked havoc on a supplier of drones to Russia's military. Don't be surprised if similar attacks—conducted with or without support from Ukraine's military—continue in the weeks and months ahead.
Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
