This weekend a number of websites belonging to NATO, including its main website at www.nato.int, struggled to remain online as online criminals launched a distributed denial-of-service (DDoS) attack.
A group of pro-Russian hackers called “Cyber Berkut” claimed responsibility for the attack, which came on the eve of a controversial referendum in Crimea which saw over 90% of voters choose to quit Ukraine for Russia.
DDoS attacks manage can bring down websites by flooding them with so much web traffic that they can no longer stand up, and legitimate visitors will find the site too clogged up with visitors to work. It’s the equivalent of 15,000 fat men trying to get through a revolving door at the same time.
Typically, DDoS attacks use compromised computers to flood a website with traffic, but it’s also known for the owners of computers to be willing participants in an attack, intentionally running tools like the Low Orbit Ion Cannon to help those behind the attack to achieve their goals.
NATO spokesperson Oana Lungescu confirmed via Twitter that some NATO websites had suffered from a DDoS attack, and reassured internet users that the integrity of NATO data and systems was not affected.
DDoS attack on some #NATO sites ongoing but most services restored. Integrity of NATO data &systems not affected. We continue working on it
— Oana Lungescu (@NATOpress) March 16, 2014
The attack came after NATO’s secretary general published a statement on the website, claiming that the referendum would have “no legal effect or political legitimacy.”
Of course, clogging up a website is very different from hacking a website – and although still malicious, it’s a lot less serious than a security breach that could have stolen information or planted malware.
Although DDoS attacks can be initiated for the purposes of blackmailing companies (imagine, for instance, the not uncommon scenario of a gambling website being threatened with a DDoS attack if it doesn’t wire money to the attackers), this incident is another reminder that attacks can often also be perpetrated for political hacktivist reasons or through the desire to curb freedom of speech.