A recent wave of distributed denial-of-service (DDoS) attacks directed at US targets by various hacktivists has been largely ineffective, producing only minor inconveniences, the FBI says.
The Bureau reached out to companies to explain why it’s essential to strengthen the security posture, especially in a period rife with DDoS attacks. Many of these attacks are carried out by pro-Russian hacktivists who target critical infrastructure.
“DDoS attacks of public facing websites, along with web page and social media profile defacement, are a preferred tactic for many operations,” the FBI explains. “These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media. As a result, the psychological impact of DDoS attacks is often greater than the disruption of service.”
Hacktivists often choose high-profile targets such as financial institutions, medical facilities, emergency services, airports and government facilities. Numerous airports and the US Treasury reported DDoS attacks in the past couple of months, although they had little effect on day-to-day operations.
Despite the lack of initial success of these types of attacks, the FBI recommends companies adopt DDoS protection services that can detect abnormal traffic and redirect it. Moreover, DDoS attacks are sometimes used to hide other types of intrusions, so the FBI advises companies to monitor other network assets for additional anomalous or suspicious activity that could indicate a secondary attack.
While the FBI says the recent DDoS activity in the US only caused minor inconveniences, the agency wants to ensure that companies and institutions are prepared for a possible increase in DDoS attacks as the war between Russia and Ukraine continues.