Recently, several important Swedish services have been hit by distributed denial-of-service attacks: a few weeks ago it was Swish, before that it was Bank-id, and when the tax return period started in March, the DDoS guns were aimed at the Swedish Tax Agency. DDoS attacks are an interesting phenomenon that is often not easy to pinpoint on the scale between a prank and warfare, even when you know who is behind them.
Sweden is not the only country affected either, last week the Netherlands Cyber Security Centre issued a statement saying that the pro-Russian hacktivist group NoName057(16) had launched a series of DDoS attacks against organizations in the country. The same group has also claimed several DDoS attacks in the UK.
The usual DDoS attack can usually be traced back to so-called hacktivists, a kind of digital marauders who want to draw attention to a particular issue and create chaos and unrest. A DDoS attack is relatively easy and cheap to carry out; just a month ago Europol shut down a network of DDoS services that offered attacks for as little as 100 kroner.
While these hacktivists often operate under some form of government wing, making them more than just the digital equivalent of “Restore the Wetlands”, I still think it makes sense to treat the DDoS attacks more as activists than as part of a hybrid war. Although they absolutely can be.
Because without playing it down too much, the DDoS attacks are not doing much damage. Of course, it’s not good that Swish or Bank-id are down for a few hours, but it’s not a threat to society either. It bothers me a bit that there are always critics who go on and on about poor resilience, “our vulnerable digital society” and the risks of being so dependent on a few services. These things are important to talk about, but bringing them up in the context of these attacks is exactly what the hacktivists want.
It also puts the focus and responsibility on the victims, even though they have done a pretty good job of protecting themselves. The services are back up and running. Few people blame the Swedish Transport Administration when the Essingeleden road jams because climate activists have glued themselves to the roadway, or the airport when the same group of activists prevents a plane from taking off from Malöga. But in some people’s eyes, it seems that those providing digital services need to spend their entire IT budget with Cloudflare to avoid criticism.
Fortunately, Swedish mainstream media have gotten better at reporting on these things. Of course, there are blaring headlines and push notifications that the services are down, but I have also seen experts be called quite quickly to provide context. This makes it easier to avoid mass hysteria and for the activists to achieve their goals, if we are talking about resilience.
Of course, we should take seriously, discuss, and deal with the fact that rogue states have the ability to disrupt services that are important to citizens. But in practice, it is best to handle the attacks like activists stuck on the E4 highway — you may find it annoying and perhaps get angry, but when the road reopens, you drive on.
Stronger reactions than that only play into the hands of the “hacktivists”.
The original article found on Don’t give hacktivists what they really want | CSO Online Read More