A series of DDoS attacks launched over the weekend disrupted access to several websites operated by NATO.
A pro-Russian Ukrainian hacktivist group going by the name “Cyber Berkut” has claimed responsibility for the attacks, which affected only public websites and did not impact essential operations, according to NATO spokespeople.
The distributed attacks focused on the main NATO public site, www.nato.int (which is also redirected to from nato.com), knocking it offline for long periods on Saturday. It remained slow to respond at times on Sunday.
Other sites affected apparently include the public site of a cyber security centre in Estonia, affiliated to NATO.
The claims of responsibility were made in Russian on the cyber-berkut.org website but have not been officially verified. The “Berkut” refers to Ukrainian riot police responsible for vicious suppression of protesters campaigning against ousted president Viktor Yanukovich.
With the NATO site currently dominated by news of the Ukraine situation, it’s probable that the attacks were intended as a protest against NATO involvement.
NATO quickly tweeted confirmation that it had been subjected to DDoS (Distributed Denial of Service) but insisted there had been “no operational impact”, no access to classified information, and that efforts were under way to restore functionality as soon as possible.
The Ukraine crisis has already sparked a number of spin-off cyber incidents. A string of attacks on Russian media, government and central bank websites last week were apparently launched by a group calling itself “Anonymous Caucasus”, which denied any connection to the Ukraine situation.
Nevertheless, speculation has been rife that these incidents were a response to Russian news coverage of recent events.
As in previous instances of real-world political tensions spilling over into the cyber arena, the targets have been overwhelmingly in the public arena, taking down promotional and information resources rather than critical government or military targets.
There has been further speculation, in Ars Technica and elsewhere, that would-be cyber-warriors have learned lessons from previous clashes, stepping back from high-profile but low-impact propaganda strikes on media and official websites in favour of more covert and stealthy cyber-espionage tactics.
Either way, it seems almost inevitable that further cyber incidents will emerge from the ongoing political struggle.
Once again, urgent warnings will be issued from all angles over the possibility of genuine cyber warfare, with demands for more funding for military cyber wings.
We can only hope things don’t progress too far beyond the current sand-kicking levels.