NATO website hit hard by denial-of-service attack as Crimean tension rises

This weekend a number of websites belonging to NATO, including its main website at www.nato.int, struggled to remain online as online criminals launched a distributed denial-of-service (DDoS) attack.

A group of pro-Russian hackers called "Cyber Berkut" claimed responsibility for the attack, which came on the eve of a controversial referendum in Crimea which saw over 90% of voters choose to quit Ukraine for Russia.

DDoS attacks can bring down websites by flooding them with so much web traffic that they can no longer stand up, and legitimate visitors will find the site too clogged up with visitors to work. It's the equivalent of 15,000 fat men trying to get through a revolving door at the same time.

Typically, DDoS attacks use compromised computers to flood a website with traffic, but it's also known for the owners of computers to be willing participants in an attack, intentionally running tools like the Low Orbit Ion Cannon to help those behind the attack to achieve their goals.

NATO website, struggling to stay online

NATO spokesperson Oana Lungescu confirmed via Twitter that some NATO websites had suffered from a DDoS attack, and reassured internet users that the integrity of NATO data and systems was not affected.

The attack came after NATO's secretary general published a statement on the website, claiming that the referendum would have "no legal effect or political legitimacy."

NATO statement on Ukraine referendum

Of course, clogging up a website is very different from hacking a website - and although still malicious, it's a lot less serious than a security breach that could have stolen information or planted malware.

Although DDoS attacks can be initiated for the purposes of blackmailing companies (imagine, for instance, the not uncommon scenario of a gambling website being threatened with a DDoS attack if it doesn't wire money to the attackers), this incident is another reminder that attacks can often also be perpetrated for political hacktivist reasons or through the desire to curb freedom of speech.


3 Responses

  1. Nirmal

    March 17, 2014 at 7:30 am #

    There is a small typo in the 5th paragraph. "… the integrity of NATO data and systems was affected." "not" is missing.

  2. Coyote

    March 19, 2014 at 12:50 am #

    On the subject of typos, there is a word that sort of breaks the flow of the sentence it is in:

    "DDoS attacks manage can bring down websites by flooding them with so much web traffic that they can no longer stand up, and legitimate visitors will find the site too clogged up with visitors to work. It’s the equivalent of 15,000 fat men trying to get through a revolving door at the same time."

    Referring of course to the word 'manage'. That's the real point of my response, even though it is hardly important. I am however a stickler and can be very nitpicky. Also, since it has been a while since I've written anything even semi technical, anywhere, I'll go along with it and submit this:

    Otherwise (and I Graham knows this as do some other readers but maybe some don't) – a DDoS attack (or a DoS attack for that matter) does not have to involve web traffic at all in order to make it next to (if not completely) impossible to reach the victim. It of course does not have to involve TCP at all. To the uninformed: there are unfortunately many gateways (networking pun very much intended) to attacks of all kinds and this includes denial of service attacks; such attacks need only disable a service and that includes by crashing the server, the service running on the server or simply overwhelming it with traffic so that no legitimate traffic can reach it. To be strictly technical there are other ways too but the point is the same: it is named very appropriately but there are many methods and more complexities involved, just like everything else in this universe. Semi related: DoS attacks have also been employed in other kinds of attacks that allow a person to compromise a server.
