Hacktivism and the Rise in DDoS Attacks

It is no secret that many protests have erupted after the death last month of George Floyd. However, a lesser-known fact is that a significant amount of online protesting has also emerged. This blog aims to focus on how protestors and various social organizations are using hacking as a vehicle to accomplish their objectives. The term ‘hacktivist” is used to describe cyber threat actors who are politically motivated.

In a recent report by IBM’s X-Force threat intelligence division, it was revealed that data breaches as a result of hacktivist groups like ‘Anonymous,’ have declined since 2015. The group Anonymous is a loose collective of hacktivists that emerged in 2003 and recently made a comeback by defacing a Minnesota Senate’s website and leaving the message “Justice for George Floyd.” The attack was simple in that the launched a Distributed Denial of Service (DDoS) attack that caused an outage on the webpage. A DDoS attack is when a server’s resources are overloaded with request and thus becomes unusable. Cloudflare, a well-respected website security firm, published a report on cyber-attacks since the death of Floyd. In it they stated to have blocked 135.5 billion requests the weekend following Floyd’s death, this is a 26% increase of attempted DDoS attacks. Additionally, the report reveals organizations classified as “advocacy groups” were disproportionally subject to much higher attack statistics with the groups going from almost no attacks in April to 20,000 requests per second on a single site.

Image via Cloudfare

Anonymous is just one of several groups using DDoS style attacks to combat racial tensions and cancel the speech of racist organizations such as the KKK and other nefarious organizations. Despite not having a unified social view, Anonymous has a history of acting over racial disparities. Floyd’s death has led to what many are saying is the most turbulent civil unrest since the assassination of Martin Luther King in 1968 and as such protests are happening everywhere. Anonymous tweeted that they would “intervene if and when it becomes necessary” if people at protests were harshly penalized. It is worth noting that Anonymous’s history of launching attacks against influential targets like the Church of Scientology and the Federal Bureau of Investigation means they should not be taken lightly.

Even though Anonymous unofficially dismantled and broke up into different units over political disagreements, news of their web server attack spread rapidly spread on social media platforms like Facebook and Twitter. Indicating that what they lack as a hacktivist organization, they make up for in social media influence. This social media influence is notable in that it encourages others to use cyber tactics to make a statement and or debilitate groups or competitors with conflicting opinions.

View image on Twitter

Image via twitter

Within the current socio-economic landscape, we are not entirely sure what the end goal of a typical Anonymous hacktivist or any hacktivist is for that matter, but with the popularity gained from a single DDoS attack and newfound awareness of technologies influence, we can expect to see hacktivists replicate it. Unfortunately, DDoS attacks are being used to execute politically motivated attacks for many ideologies. As such, organizations publicly speaking out against oppression will continue to battle cyber-attacks that only aim to silence them.

Silent Sector knows DDoS attacks are nothing new, and that if one looks at history, they can without a doubt tell that cyber adversaries use real-world events to trigger attacks. Whether that be taking advantage of the new remote workforce due to COVID-19, election hacking, or most recently the horrific death of George Floyd – the internet is increasingly being used and abused to commit atrocities. Has your organization evaluated its online presence and preparedness for cyberattacks like DDoS? Contact Silent Sector today to hear how we can assess your organization's security and enable you to be prepared for the diverse objectives of threat actors today.

About the Author

Written by Haidon Storro

Cybersecurity Research & Content Manager, Silent Sector -- Haidon Storro is a Cyber Security Analyst for CVS Health. She has her BS in IT Cyber Security as well as security certifications like CompTIA Security+ and ISC2. While Haidon is newer to the security community, she has dedicated herself to learning as much as she can through internships, online courses, and conventions like DefCon. In her free time, she enjoys reading about new advancements in technology, going to security meetups and participating in cyber defense competitions. One of Haidon’s goals is to make the connected world safer by bridging the human aspect with technology.