This is behind the massive pro-Russian cyber-attacks against Switzerland

The pro-Russian hacktivist group “NoName057(16)” continues its DDoS attacks against Swiss servers unabated. Watson’s research shows how the criminals organize themselves on Telegram.

Daniel Schurter

Server overload attacks on Swiss targets continued unabated on Tuesday. Behind the DDoS attacks is a pro-Russian online collective called “NoName057(16)”. Members exchange information via the Telegram messaging service.

Who are the attackers targeting?

The DDoS attacks launched last week intensified on Monday, targeting federal government servers in particular.

More server overload attacks followed on Tuesday, including against airports across the country, for example the website of the regional airport Grenchen SO. The servers at Geneva International Airport were also temporarily brought to their knees by the mass of requests.

The unknown criminals celebrated their allegedly resounding success with several posts on the Telegram channel. They dedicated images with a bear – the symbolic animal of Russia – to the successfully “shot down” targets.

DDoS attack on Bern Regional Airport on June 13, 2023.
The Bern Airport website was down on Tuesday (June 13, 2023) due to a DDoS attack.
DDoS attack at Geneva airport on June 13, 2023.
DDoS attack on Grenchen regional airport, Solothurn.

The Swiss Army website at vtg.admin.ch was temporarily unavailable on Tuesday morning. In the afternoon the website was accessible again as normal.

The website of Engadin Airport, which suffered from malfunctions on Tuesday morning, was also accessible again as normal on Tuesday afternoon. Those interested in aviation made the same comment in eastern Switzerland.

The website was down on Tuesday morning. After that the situation normalized.

On Telegram, the attackers link to the online service check-host.net. The downtime of a website can be seen on the corresponding statistics pages for the individual Internet addresses (such as vtg.admin.ch).

This screenshot shows that the vtg.admin.ch website was down on Tuesday morning.

How dangerous are these DDoS attacks?

These are not attacks by hackers in which secured IT networks are penetrated in a technically advanced manner in order to steal data or damage systems. DDoS attacks are something like cyber attacks. You could also say: a lot of smoke, little fire.

However, the damage caused by the offline time of websites and online services, which sometimes lasts for hours, should not be underestimated.

  • On the one hand, there is considerable reputational damage if those attacked fail to take effective defensive measures in a timely manner. Major foreign media such as the BBC have already reported on the associated attacks. The hacktivists take note of this with pleasure.
  • On the other hand, the organizations directly affected by the attacks may suffer economic damage due to continued online disruptions.
  • Finally, one can assume a certain psychological effect: no one likes to be attacked. Headlines can lead to insecurity among the public, especially among people who are not very IT savvy.
A Telegram post translated from Russian, with a link to a British BBC report.

Why is Switzerland under attack?

In another Telegram channel, a manifesto of the group “NoName057(16)” published last year can be found, to which it still refers. It is aimed at voluntary donors.

Logo of the pro-Russian hacktivist group «NoName057(16)».
“Every action elicits a reaction. An open information war is being waged against Russia. Western Russophobes use the administrative, financial and technical resources of foreign states and carry out attacks on the infrastructure of the Russian Federation.

We do not intend to stand by and will respond appropriately to their hostile, openly anti-Russian actions. It is unacceptable for Russophobia to become the norm!

We will never harm the innocent, and our actions are in response to the rash actions of all those who have taken an openly hostile attitude. We have enough knowledge, strength and experience to restore the law where it has been violated. We don’t attack ourselves because of our beliefs. Our homeland is our strength.

We do not work on commercial orders or settle bills between competitors.

We are willing to work with hacker groups and “snipers” who share our values as stated in the Manifesto.

Power is in truth, and that’s what we stand for!”

Why are mass attacks expected again on Thursday?

Regarding the video broadcast of a speech by Ukrainian President Volodymyr Zelenskyy in the National Council Chamber on Thursday, the Federal Government’s National Center for Cybersecurity, or NCSC for short, said parliamentary services will do everything possible to ensure that everything goes smoothly. For security reasons, there is no specific information about the measures, reports Keystone-SDA.

“While the Swiss authorities continue to supply arms to the Ukrainian Nazis, we continue to punish this country’s Russophobic portals.”

Who are the attackers and what are they getting out of it?

Judging by the posts in the relevant Telegram groups, these are Russian-speaking users. However, the self-proclaimed Russian patriots seem to be getting some encouragement from Western countries, whether from Western Europe or North America.

In fact, even the most active DDoS fighters can look forward to financial compensation, as we shall soon see.

On Telegram there is the so-called “DDosia Project”, apparently a volunteer project that uses special software to help the pro-Russian hacktivist team carry out cyber attacks. There’s even online support to help newbies.

The fact is: With a certain basic technical knowledge or IT knowledge, it is possible for people all over the world to participate in the DDoS attacks. All you have to do is download and install software from Telegram and use a so-called VPN service to disguise your own internet address. You can then participate in the automated attacks at the touch of a button.

The question is who is careless or stupid enough to install a potentially malicious tool from an unknown source on their own device?
DDoS tool from pro-Russian hacktivists.

Anyone who wants to use the DDosia project’s software to participate in attacks must create a cryptocurrency account and log in to a specific server. In fact, the most active fighters can also receive financial compensation for their efforts. An explanatory article in the Russian language states:

“We ask you to consider the project as voluntary and non-binding. Payment of the fee to the crypto wallets of the most active project participants takes place once a month. However, you shouldn’t take this as a salary at some point and ask for more.”

PS: Telegram showed on Tuesday afternoon that the pro-Russian hacktivists are targeting another European country: the website of the Icelandic parliament was no longer accessible.

Sources

  • Various Telegram channels
  • ncsc.admin.nl: DDoS attack on the federal administration: several federal administration websites and applications are unavailable (press release, June 12)
  • Telegraph: Instructions for using the DDosia software

Source: Watson
