Several Public NATO Websites Attacked Over the Weekend in DDoS Assault

This story is sure to be in the news for a while. It is yet another incident to add to the list of events that have happened as a result of the tensions over Crimea.

According to Reuters, NATO’s main public website was hacked via a DDoS (distributed denial of service) attack last weekend. In a nutshell, hackers spammed the website with requests, which caused it to crash.

Reuters says a NATO-affiliated cyber security center in Estonia and NATO’s unclassified email network were also affected.

So who did it? Though Reuters says it couldn’t be independently verified, a group called “cyber berkut” said patriotic Ukrainians carried out the attack in an angry response to what they considered NATO interference in their country. “Berkut” is a reference to the riot squads formerly used by ousted pro-Russian Ukrainian President Viktor Yanukovich’s government, according to Reuters.

Reuters says groups calling themselves the same name, “cyber berkut,” have been attacking several Ukrainian websites recently. According to Reuters, some experts also believe the group might be affiliated with Russian intelligence.

Interestingly, this DDoS attack comes just a couple of days after a group calling itself “Anonymous Russia” briefly crashed the Kremlin website in an act of so-called “hacktivism.”

In an article by Infosecurity magazine, the CTO of Lancope, a network visibility and security intelligence company, analyzed the NATO DDos attack.

“Clearly from the information released so far, this attack was politically based,” said Lancope CTO Tim 'TK' Keanini in an email to Infosecurity.

“In these cases, reporting is easy since the perpetrator wants to be known and the reasons for the attack proclaimed at the time of the event. Compare this to other profiles like cybercriminals who don’t want to be known, hide in the shadows and launch DDoS for a diversion while they perform their objective of data theft.”

Keanini then offered some advice which can be taken as a lesson to be learned from this incident; a friendly reminder to expect the unexpected and plan ahead.

“These political sites should rehearse this scenario because from here on out it should be common. Their incident response should include not just IT folks but the legal, PR, and all the other departments that help insure {sic. ensure} business continuity,” said Keanini.


For more information, see the Reuters article about the NATO websites here:
The Reuters article about the Kremlin website here:
The Infosecurity article here: