Admin I Friday, Feb. 09, 2024
DDoS attacks against Poland skyrocket in wake of new Prime Minister’s election
JOHANNESBURG – Changes in political leadership can cause disruptions in many areas. One notable area is in the cyberspace, where DDoS attacks often spike with a change of the guard.
These spikes often result from hacktivist and other groups opposing the viewpoints of newly elected officials.
Some notable groups that fit this mould include Killnet, Anonymous Sudan, and NoName057, who often target countries that are perceived as ‘anti-Muslim’ or show support and solidarity with Ukraine. Countries across Africa have felt the wrath of Anonymous Sudan in particular, with organisations across Kenya, Nigeria, and even as recently as January this year, Chad, reeling from the effects of its targeted DDoS attacks.
In a recent X thread, it is explained that since late December, Central European country Poland has been the target of several groups as new Prime Minister Tusk was sworn in.
The most notable group targeting Poland is NoName057, directing attacks on several types of websites, including government administration, transportation and logistics, finance (commercial banking), judicial government, manufacturing, air transport, and media. This list is just what NoName057 has claimed credit for; the actual list could be much longer.
When tracking DDoS attack trends against Poland from NETSCOUT’s global perspective, we see the spikes beginning just days after Prime Minister Tusk and his new government were sworn in.
Attack volume begins to increase around Christmas, and continue to remain elevated to this day, spiking on January 14th with more than 5,000 total attacks. This spike in attacks, fuelled by the new government’s support of Ukraine, resulted in a massive 4X increase in DDoS attack volume.
NoName057 typically uses botnets running DDoSia code to power its attacks. Upon diving into Poland’s DDoS attack traffic, it was discovered that nearly half of the attacks against the nation were sourced from nodes that are classified as DDoS bots. This massive influx represents 15 to 20% of the global botnet DDoS attacks aimed like a telescope at Poland.
Groups like NoName057 will continue to wage a political and religious war against any nation that stands in the way of their ideals and goals. That means that governments, service providers, and enterprises, as well as society at large, should be prepared for these attacks to continue and grow. This is especially true when the nations and the public support the ideals these groups oppose.
The best defence is a strong DDoS protection solution. Learn more about how NETSCOUT’s Arbor DDoSproduct line can help keep you up and running in the wake of DDoS attacks.