The page of the European Parliament has fallen this Wednesday shortly after three in the afternoon. The website suffered a cyberattack three hours after passing a resolution declaring Russia a “state sponsor of terrorism” and calling on the EU to diplomatically isolate Moscow.
“The European Parliament is under a sophisticated cyber attack. A pro-Kremlin group has claimed responsibility. Our experts are resisting and protecting our systems. This comes after we declared Russia a state sponsor of terrorism. My answer: Slava Ukraini”, has tweeted the president of the European Parliament, Roberta Metsola.
According to the communication of the institution to the MEPs, “the availability of the Europarl website is currently affected from the outside due to the high levels of traffic from the external network. This traffic is related to a DDOS (Distributed Denial of Service) event. Our teams are working to resolve this issue as quickly as possible. We will keep you informed”.
The spokesman for the European Parliament, Jaume Duch, has communicated the facts on Twitter in the same terms. According to sources from the European Parliament, the authorship of the attack cannot be proven at the moment, although there are sources that report that the authorship of the attack has been claimed by Killnet, the pro-Russian hacker group that had already attacked several websites in the past. institutions, including that of the White House.
Killnet is a Russian mafia of cybercriminals with documented ties to the Kremlin. One of its specialties is carrying out denial of service attacks such as the one that has brought down the European Parliament website. They carry them out on their own and also on behalf of third parties who pay their fees. This is a type of attack that, despite its conspicuousness, does not have to involve theft of information or compromise of the attacked infrastructure.
However, various specialists explain to elDiario.es that a much more detailed investigation will be necessary to rule out these extremes, since DDOS is also used as a tool to divert attention from other, more complex cyberattacks.
“The European Parliament has set a target”
Despite the fact that the attribution of a cyberattack is usually the most complicated end of everything that surrounds them, experts agree that in this case everything seems to indicate that the objective of the cybercriminals was that the authorship was clear. “Technically it is very difficult to say who it was, but there is evidence. The clearest is that it occurred only a few hours after Russia’s declaration as a state sponsor of terrorism,” says José Lancharro, director of the offensive services department of the Spanish cybersecurity firm Tarlogic.
“The European Parliament has set a target. In the Russian mind, the defensive perimeter includes the information spectrum. What is said about Russia. For them it is as if an attack had occurred in the center of their protective fence. They consider this type of news as an assault and a breach of their defensive perimeter in cyberspace, just as if there had been any other type of attack. They treat him in the same way”, explains Lancharro.
Miguel López, general director in Spain of the multinational Barracuda Networks, agrees with the request for caution regarding the powers. However, “if it is confirmed that Killnet has claimed responsibility for the attack,” he adds, “we would be facing one of the clearest cases in which it would appear that Russia is involved in a cyber attack.”
“The levels of attacks directed at all kinds of institutions, especially those of the countries most involved in the war, have grown a lot since the beginning of the war. I don’t know that these types of attacks are not carried out by the secret services of any country, but that they are groups that are in some way sponsored by the State. We know that Killnet is indeed in Russian orbit. But I emphasize, it is very difficult to prove all this from the point of view of computer forensics”, says this expert.