Critical Infrastructure Security, Vulnerability Management

FBI warns of politically motivated hacktivist activity, DDoS attacks in alert

FBI seal
The FBI issued a private industry notification Friday that warned of politically motivated hacktivism activity to critical infrastructure companies. (Photo by Chip Somodevilla/Getty Images)

With the Nov. 8 general election nearing, the FBI issued a private industry notification on Friday warning of hacktivism activity and encouraged organizations to implement recommendations on mitigating distributed denial of service attacks.

Pro-Russian hacktivist groups are using DDoS attacks to target critical infrastructure companies with limited success by providing the tools and guidance to anyone willing to conduct attacks on behalf of their cause, the FBI said in the alert. 

While the attacks are described as opportunistic in nature and have minimal operational impacts on victims, the hacktivists will often publicize and exaggerate the severity of the DDoS attacks of public-facing websites, along with social media profile defacement. 

The FBI said high-profile targets include financial institutions, health and medical facilities, emergency services, airports and government facilities. 

Coincidentally on Friday, Microsoft released its Digital Defense Report 2022, which showed the number of nation-state attacks on critical infrastructure increased from 20% of all such attacks Microsoft detected to 40%. The Redmond, Washington-software giant also pointed to the Russia-Ukraine conflict with the rise in attacks on critical infrastructure.

As noted by Kaspersky’s Securelist blog on Monday, DDoS attacks were, more often than not, politically motivated in Q3 2022. The pro-Russian group Killnet took responsibility for attacks in Estonia, Lithuania, Japan and the U.S., including the U.S. Electronic Federal Tax Payment System and attacks that took down airport websites. In turn, pro-Ukrainian hacktivists targeted Russian resources and media outlets.

Other politically motivated DDoS attacks struck elsewhere, such as Taiwan in response to the visit by a sitting U.S. Speaker of the House Nancy Pelosi, Israel, Kazakhstan, Eastern Europe, and elsewhere. 

The FBI says critical infrastructure organizations should enroll in denial-of-service protections services, partner with ISPs, create recovery plans and monitor network assets for suspicious activity that could indicate a secondary attack. 

Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Related

Third-party ransomware attack threatens Sweden’s liquor supply

Swedish government-owned liquor retailer Systembolaget, which is the country's lone vendor of alcoholic beverages, has warned of a shortage of some beers, wines, and spirits across the country following a ransomware attack against its distributor Skanlog, which its CEO Mona Zuko has attributed to a North Korean state-sponsored threat operation, according to The Record, a news site by cybersecurity firm Recorded Future.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.