DDOSED — European Parliament declares Russia a terrorism sponsor, then its site goes down Pro-Kremlin group called Killnet takes credit.
Dan Goodin – Nov 23, 2022 8:59 pm UTC Enlarge / An iteration of what happens when your site gets shut down by a DDoS attack. reader comments 177 with 0 posters participating Share this story Share on Facebook Share on Twitter Share on Reddit
The European Parliament website was knocked offline for several hours on Wednesday by a distributed denial-of-service (DDoS) attack that started shortly after the governing body voted to declare the Russian government a state sponsor of terrorism.
European Parliament President Roberta Metsola confirmed the attack on Wednesday afternoon European time, while the site was still down. A pro-Kremlin group has claimed responsibility, she wrote on Twitter. Our IT experts are pushing back against it & protecting our systems. This, after we proclaimed Russia as a State-sponsor of terrorism.
While this post was being reported and written, the website became available again and appeared to work normally.
Further ReadingPro-Russia threat group Killnet is pummeling Lithuania with DDoS attacksThe pro-Kremlin group Metsola referred to is likely the one known as Killnet, which emerged at the start of Russia’s invasion of Ukraine and has posted claims of DDoS attacks in countries supporting the smaller nation. Targets have included police departments, airports, and governments in Lithuania, Germany, Italy, Romania, Norway, and the United States.
Shortly after Wednesdays attack against the European Parliament started, Killnet members took to a private channel on Telegram to post screenshots showing the European Parliament website was unavailable in 23 countries. Text accompanying the images made a homophobic remark directed at the legislative body. Enlarge
Advertisement Enlarge
The outage occurred shortly after the parliament overwhelmingly voted to declare the Kremlin a sponsor of terrorism.
Members of the European Parliament highlight that the deliberate attacks and atrocities committed by Russian forces and their proxies against civilians in Ukraine, the destruction of civilian infrastructure and other serious violations of international and humanitarian law amount to acts of terror and constitute war crimes, the declaration stated. In light of this, they recognize Russia as a state sponsor of terrorism and as a state that uses means of terrorism.
The resolution was adopted with 494 votes in favor, and 58 against. There were 44 abstentions.
DDoS attacks typically harness the bandwidth of hundreds, thousands, and in some cases, millions of computers infected with malware. After coming into their control, the attackers cause them to bombard a target site with more traffic than they can accommodate, forcing them to deny service to legitimate users. Traditionally, DDoS has been among the crudest forms of attack because it relies on brute force to silence its targets.
Further ReadingNew method that amplifies DDoSes by 4 billion-fold. What could go wrong?Over the years, DDoSes have become more advanced. In some cases, the attackers can increase the bandwidth by as much as a thousand-fold using amplification methods, which send data to a misconfigured third-party site, which then returns a much larger amount of traffic to the target.
Further ReadingThe record-setting DDoSes keep coming, with no end in sightAnother innovation has been designing attacks that exhaust the computing resources of a server. Rather than clogging the pipe between the website and the would-be visitorsthe way more traditional volumetric DDoSes workpacket-per-second attacks send specifc types of compute-intensive requests to a target in an attempt to bring the hardware connected to the pipe to a standstill.
Metsola said the DDoS attacks on the European Parliament were sophisticated, a word thats often misused to describe DDoSes and hacks. She provided no details to corroborate that assessment. reader comments 177 with 0 posters participating Share this story Share on Facebook Share on Twitter Share on Reddit Dan Goodin Dan is the Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications. Find him on Mastodon at: https://infosec.exchange/@dangoodin Email dan.goodin@arstechnica.com Advertisement Channel Ars Technica ← Previous story Next story → Related Stories Today on Ars