News
2024, the year of elections and politicaly motivated DDOS attacks – Netscout comments
February 2024 by NETSCOUT
This year is a significant one for elections on the global stage, with more than 60 taking place worldwide – including national elections in the five most populous countries in the world. In fact, across the globe, more voters than ever before will make their way to the polls in 2024, with almost half (49 per cent) of the world’s inhabitants[1] having the opportunity to cast their vote.
Elections in countries including the US, UK, Russia and Brazil, as well as the European Union, will shape the geopolitical landscape. Against this backdrop of political decisions that carry global impact comes the threat of disgruntled and dissident cybercriminals launching politically motivated distributed denial-of-service (DDoS) attacks.
Richard Hummel, threat intelligence lead for NETSCOUT discusses election-related DDoS attacks and details how a change in political leadership can cause disruptions in the cyberspace:
"Political motivations have caused an upward trend in DDoS attacks over recent years[2]. For instance, Sweden has experienced an onslaught of attacks as its bid to join NATO progresses, while Bangladesh was targeted prior to last month’s general election. NETSCOUT also discovered that an unusually contentious presidential election cycle in Colombia in 2022[3] was accompanied by successive waves of DDoS attacks.
"In terms of election-related DDoS attacks, cybercriminals can impede voting processes in a number of ways, such as overwhelming voter information and registration sites, disrupting campaign websites and targeting official results reporting. If threat actors launch these attacks close enough to a voter registration or ballot casting deadline, members of the public may be prevented from accessing the necessary online service and could potentially lead to voters missing their chance to vote.
"Nevertheless, it’s not just election campaigns that cybercriminals target – the outcomes of these votes can also lead to a surge in cyberattacks. For example, in late 2023, pro-Russian hacktivist group NoName057[4] began launching attacks on the Polish government following the election of Prime Minister Donald Tusk. The new government’s support of Ukraine, which stands in direct opposition to the threat actors’ interests, seems to have fuelled this surge in attack activity[5].
"Hacktivist groups such as NoName057 and Anonymous Sudan are known to wage political and religious war against any nation or official that stands in the way of their ideals and goals. The groups often target nations perceived as ’anti-Muslim’ or those which show support and solidarity with Ukraine, attacking any entity that does not align with their agenda.
"Therefore, governments, service providers, and enterprises, as well as society in general, should be prepared for DDoS attacks to increase this year given the number of elections taking place. This necessitates organisations implementing industry best current practices (BCPs) in conjunction with ensuring their DDoS protection solutions are up to standard and ready to take on the threat that hacktivist groups pose."
