A “sophisticated” cyberattack on the European Parliament website on Wednesday caused service disruptions just moments after members voted to designate Russia as a state sponsor of terrorism.
Parliament President Roberta Metsola stated on Twitter that a pro-Kremlin group had claimed responsibility for the attack.
The website was back online about two hours after European Parliament officials first reported the attack.
the @Europarl_EN is under a sophisticated cyber attack. A pro-Kremlin group has claimed responsibility.
Our IT experts are pushing back against it & protecting our systems.
This, after we proclaimed Russia as a State-sponsor of terrorism.
My answer: #SlavaUkraini
— Roberta Metsola (@EP_President) November 23, 2022
Parliament’s spokesperson Jaime Duch said that the website was offline as a result of a distributed denial of service (DDoS) attack.
DDoS attacks, one of the most powerful weapons available to cyber actors, target online services and websites and overwhelm them with massive volumes of traffic that the server or network cannot accommodate.
The main goal behind such attacks is to create problems for the business by making their website inoperable. The disruption also causes issues for individual users who are prevented from accessing the services they require and can be used as a cover for other sots of breaches.
A warning shot
“Today’s attack on the European Parliament’s systems is a warning shot. It is an attack on the democratic heart of Europe,” said German Member of European Parliament (MEP) Rasmus Andresen.
Andresen said the parliament’s systems were insufficiently prepared for the attack.
“I hope that today’s events will lead us to better protect our data and our democracies because it certainly won’t be the last time we are victims of such attacks,” Andresen noted.
Pro-Russian hacker group Killnet was behind the DDoS attack, Greek MEP Eva Kaili said.
“We have a strong indication that it is from Killnet, the hackers with links to Russia indeed. This is my information, but it is under control. It only cut the external access to the Parliament’s website … Unless there are extra attacks we expect it to be back and accessible very soon,” Kaili said.
Killnet has previously claimed responsibility for attacks on websites belonging to the US government and Lithuania. The group says it takes action against nations that have opposed Russia since its invasion of Ukraine.
Last month, the group claimed responsibility for temporarily taking US airport websites offline. The group published a list of US airports on Telegram and encouraged hackers to take part in DDoS attacks.
Killnet asked hackers to flood the servers running US airport websites with junk requests, making it impossible for travelers to check the status of their scheduled flights or make reservations for airport services.
On Wednesday, just hours before the European Parliament’s website was attacked, a resounding majority of MEPs voted to designate Moscow a state sponsor of terrorism, claiming that its attacks on civilian targets constituted war crimes.
“The deliberate attacks and atrocities committed by Russian forces and their proxies against civilians in Ukraine, the destruction of civilian infrastructure and other serious violations of international and humanitarian law amount to acts of terror and constitute war crimes,” the Parliament said in a press release .
The designation is largely symbolic, and it is unlikely that Russia will be subject to any hard legal sanctions.
Since the start of the Ukraine war, Moscow has repeatedly been accused of launching cyberattacks against key targets in Ukraine and its allies.
In September, the Ukrainian government warned that Russia intends to launch ‘massive cyberattacks’ on Ukraine’s critical infrastructure and that of its allies.
The Main Directorate of Intelligence of Ukraine’s Ministry of Defense (HUR MO) said the next wave of attacks would likely concentrate on disrupting and destroying facilities and institutions related to the energy sector.
It also said the main goal of upcoming cyberattacks would likely be to hinder the Ukrainian Army’s ongoing assaults and to increase the effect of missile strikes on the nation’s electrical infrastructure, particularly in the country’s east and south.
Commenting on the DDoS attack on the European Parliament, Oliver Pinson-Roxburgh, CEO of threat management company Defense.com, said: “The lesson from this attack on the European Parliament should be taken up by all government and public sector organisations: prioritize improving cyber defenses to avoid any disruption in the delivery of vital services to citizens.
“The failure of public sector organizations to protect services from bad actors will only further undermine public trust in institutions. Public sector organizations must plan for the long term, improving threat management systems and putting in place up-to-date education and awareness training for all staff.”
Oz Alashe, CEO of CybSafe, said: “Whether it is DDoS attacks, phishing or ransomware, one thing is certain – the current status quo must change. We need to fundamentally shift our approach to cyber security by targeting behaviors rather than simply awareness. “