DDoS Attacks Are Becoming a Key Tool in Geopolitical Disputes.

Recent research shows that Distributed Denial of Service (DDoS) attacks are becoming a preferred tool for cybercriminals with political motivations. These attacks have notably increased and are used as a means to undermine trust in institutions and critical services, especially in sociopolitical contexts such as civil protests, elections, and political disputes.

DDoS attacks target a variety of sectors and pose a significant challenge for defense, as they require constant monitoring and sophisticated cybersecurity strategies. In the second half of 2024, nearly 9 million of these attacks were reported, representing a 12.75% increase compared to the first six months of the year. A notable example was the Russian hacking group NoName057(16), which intensified its activities against governmental services in countries such as the United Kingdom, Belgium, and Spain, and whose impact in Georgia, related to the "Russia Law" project, highlighted the use of these attacks as a political weapon.

A DDoS attack involves flooding a server with a massive volume of traffic, rendering the website inaccessible. This tactic can severely damage both the infrastructure and the reputation of the affected entities. Unlike ransomware attacks, which generally seek economic gains, DDoS attacks are often motivated by political reasons.

Richard Hummel, director of threat intelligence at NETSCOUT, stated that "DDoS has become the weapon of choice for cyber-warfare,” emphasizing that the NoName057(16) group continues to lead politically motivated DDoS campaigns, primarily targeting governments and infrastructures. The significant increase in attacks in Israel, where a 2,844% rise was recorded, and a peak of 519 attacks in a single day, underscores the severity of the situation.