The Russia vs Ukraine war has gone virtual, sparking unprecedented hacking activities between the two countries, according to Kaspersky.
The tech security firm says that the number of Distributed Denial of Service (DDoS) attacks in Q1 2022 rose 4.5 times compared to Q1 2021, “with a considerable number of the attacks likely to be the result of hacktivist activity.”
Russia vs Ukraine: The Cyberwarfare
The attacks, Kaspersky reveals in a new report, also showed an unprecedented duration for DDoS sessions, particularly those aimed at state resources and banks.
DDoS attacks, the tech security firm explains, are designed to interrupt network resources used by businesses and organisations and prevent them from functioning properly.
“They become even more dangerous if the compromised systems are in government or financial sectors, as these services being unavailable has knock-on effects that affect the wider population. Q1 2022 saw a sudden increase in attacks in late February as a result of the crisis in Ukraine”, according to Kaspersky.
The report also shows that Q4 2021 had previously held the all-time record for the number of DDoS attacks detected by Kaspersky solutions. Compared to that quarter, the total number of DDoS attacks in Q1 2022 increased by 46%, and it grew 4.5 times compared to the same quarter in 2021.
The number of “smart”, or advanced and targeted, attacks also showed notable growth, the tech security firm says: 81% compared to the previous record from Q4 2021.
Kaspersky reveals that, “the attacks were not only performed at scale but were also innovative. Examples include a site mimicking the popular 2048 puzzle game to gamify DDoS attacks on Russian websites, and a call to build a volunteer IT army in order to facilitate cyberattacks.”
Further investigation conducted by Kaspersky reveals that an average DDoS session lasted 80 times longer than those in Q1 2021. The longest attack was detected on March 29, with an atypically long duration of 177 hours.
“In Q1 2022 we witnessed an all-time high number of DDoS attacks. The upward trend was largely affected by the geopolitical situation. What is quite unusual is the long duration of the DDoS attacks, which are usually executed for immediate profit. Some of the attacks we observed lasted for days and even weeks, suggesting that they might have been conducted by ideologically motivated cyberactivists. We’ve also seen that many organisations were not prepared to combat such threats. All these factors have caused us to be more aware of how extensive and dangerous DDoS attacks can be. They also remind us that organisations need to be prepared against such attacks,” Alexander Gutnikov, security expert at Kaspersky, says.
To stay protected against DDoS attacks, Kaspersky experts offer the following recommendations:
- Maintain web resource operations by assigning specialists who understand how to respond to DDoS attacks;
- Validate third-party agreements and contact information, including those made with internet service providers. This helps teams quickly access agreements in case of an attack;
- Implement professional solutions to safeguard your organisation against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyberthreats and the company’s unique in-house solutions;
- Know your traffic. It’s a good option to use network and application monitoring tools to identify traffic trends and tendencies. By understanding your company’s typical traffic patterns and characteristics, you can establish a baseline to more easily identify unusual activity that is symptomatic of a DDoS attack;
- Have a restrictive Plan B defensive posture ready to go. Be in a position to rapidly restore business-critical services in the face of a DDoS attack.
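The “know your traffic” recommendation above, as an added example that is not part of Kaspersky’s report: Python code that builds a robust baseline (median and MAD) from per-minute request counts and reports sustained episodes above it, so that a long-running flood is distinguished from a one-minute spike. The sample counts, the multiplier k and the min_len and max_gap parameters are constructed assumptions, not values from the report.

```python
from statistics import median

# Constructed sample data: requests per minute during a normal period.
NORMAL = [118, 122, 120, 125, 119, 121, 117, 123, 120, 124]
# Constructed sample data: one isolated spike, then a pulsing flood.
OBSERVED = [121, 410, 119, 123, 122, 120, 900, 950, 130,
            980, 1020, 990, 124, 120, 118]

def baseline(counts):
    """Return (median, MAD) of per-minute counts; robust to a few outliers."""
    med = median(counts)
    mad = median([abs(c - med) for c in counts]) or 1.0  # avoid a zero MAD
    return med, mad

def find_episodes(counts, med, mad, k=6.0, min_len=3, max_gap=2):
    """Return inclusive (start, end) minute indexes of sustained anomalies.

    A minute is "hot" when it exceeds med + k * 1.4826 * MAD (1.4826 scales
    MAD to a standard deviation for normally distributed data). Dips of up
    to max_gap minutes do not end an episode, because attack traffic often
    pulses. Episodes shorter than min_len minutes are dropped as spikes.
    """
    threshold = med + k * 1.4826 * mad
    episodes, start, last_hot = [], None, None
    for i, c in enumerate(counts):
        if c > threshold:
            if start is None:
                start = i
            last_hot = i
        elif start is not None and i - last_hot > max_gap:
            if last_hot - start + 1 >= min_len:
                episodes.append((start, last_hot))
            start = None
    # Close an episode that is still running at the end of the data.
    if start is not None and last_hot - start + 1 >= min_len:
        episodes.append((start, last_hot))
    return episodes

if __name__ == "__main__":
    med, mad = baseline(NORMAL)
    for start, end in find_episodes(OBSERVED, med, mad):
        print(f"sustained anomaly: minutes {start}-{end} "
              f"({end - start + 1} min), baseline {med} req/min")
```

In practice the baseline would be computed per hour of day and day of week, since normal traffic is seasonal.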