The EU parliament website suffered a distributed denial of service (DDoS) cyber attack, moments after declaring Russia a state sponsor of terrorism and calling for further isolation. A DDoS attack involves flooding the targeted website with requests to prevent legitimate users from accessing it.
Anonymous Russia, a cyber-hacktivist group linked to the Killnet DDoS group, claimed responsibility for the attack.
A “sophisticated cyber attack” took down the EU parliament website
EU parliament officials linked the cyber attack to a pro-Russian group known for executing DDoS attacks against countries that oppose Russia.
“The European Parliament is under a sophisticated cyberattack. A pro-Kremlin group has claimed responsibility,” European Parliament President Roberta Metsola tweeted.
She added that the EU parliament’s IT experts were “pushing back against it & protecting our systems. This, after we proclaimed Russia as a state-sponsor of terrorism.”
Jaume Dauch, the Director General for Communication and Spokesperson of the European Parliament, also indicated that the European parliament website downtime resulted from external traffic.
“The availability of Europarl_EN website is currently impacted from outside due to high levels of external network traffic,” He said adding that the traffic was “related to a DDOS attack (Distributed Denial of Service) event.”
According to Oliver Pinson-Roxburgh, CEO of Defense.com, the timing of the cyber attack was significant.
“The attack on the European Parliament looks to have been timed specifically, hitting their systems at a moment of maximum demand that would be guaranteed to command the greatest attention from the watching world,” Pinson-Roxburgh said.
Attributing the cyber attack to the Killnet DDoS group, he suggested that cyberattacks had presumably become viable geopolitical tools for nation-state actors.
“The Russian group likely to have been behind the attack, Killnet, have form in using DDoS attacks to sow disruption in countries deemed to oppose war in Ukraine.”
EU parliament called for further isolation of Russia
According to the non-binding resolution, Russia’s “deliberate attacks” on Ukraine’s civilian population, and the “destruction of civilian infrastructure and other serious violations of human rights and international humanitarian law amount to acts of terror against the Ukrainian population and constitute war crimes.”
The EU parliament thus recognized Russia as a state sponsor of terrorism and a state which uses terrorism to achieve its objectives. Subsequently, the EU parliament wants the European Union to further isolate Russia from international bodies such as the United Nations Security Council. Additionally, EU parliament members want the union to reduce diplomatic ties and contacts with Russian officials to a bare minimum and shut down state-affiliated entities spreading pro-war propaganda. However, the EU law cannot designate an entire country as a terrorist state but can target specific individuals for their responsibility in terroristic acts.
Multiple DDoS attacks with limited impact
Killnet is responsible for several DDoS attacks with varying degrees of success since Russia invaded Ukraine in late February. They include the DDoS attacks on U.S. airports in October, attacks on U.S. state government websites in Colorado, Kentucky, and Mississippi, the FBI, the US Department of Treasury, and the London Stock Exchange. The Killnet DDoS group has also targeted Ukraine’s allies, such as Romania and Italy.
In November 2022, the FBI said that DDoS attacks by the pro-Russian group had limited impact on targets because they target the public-facing websites instead of the underlying services. However, according to Oz Alashe, CEO of CybSafe, the cyber attack on the EU parliament’s website was a reminder that anyone could become the victim of a cyber attack.
“Oftentimes the networks being used to initiate these attacks have been compromised due to poor cyber security hygiene, awareness, and behavior. However, there are ways to prepare, including strong network security, the continuous monitoring of web traffic, and using multiple servers that are difficult to attack at once.”
Alashe advised organizations to treat cyber security as an active process rather than a compliance exercise.
“Whether it is DDoS attacks, phishing, or ransomware, one thing is certain – the current status quo must change. We need to fundamentally shift our approach to cyber security by targeting behaviours rather than simply awareness.”