Tech oligarch Elon Musk has drawn criticism from cyber safety consultants following unsubstantiated claims that Ukraine was behind an obvious distributed denial of service (DDoS) assault on his social media platform, X, previously often known as Twitter.
Musk, who at present heads the US authorities’s Division of Authorities Effectivity (Doge) that has fired 1000’s of federal staff, accused the Ukrainian authorities of being behind the incident that introduced down X companies for a lot of customers on Monday 10 March. Chatting with the Fox Enterprise information channel, he claimed a “large cyber assault” focusing on X appeared to have originated from IP addresses positioned in Ukraine.
The incident got here amid a severe deterioration in relations between Ukraine and the US, and simply days after US Cyber Command, the nation’s army offensive and defensive cyber unit, suspended offensive operations towards Russia in a big climbdown.
Ukrainian officers have been fast to refute the suggestion Kyiv was behind the cyber assault, and in dialog with the BBC, former Nationwide Cyber Safety Centre head Ciaran Martin described Musk’s accusations as unconvincing and “just about rubbish”.
Martin advised the BBC he could be hard-pressed to consider an organisation of X’s scale that has been so badly impacted by such an incident in recent times and advised the incident didn’t paint image of the platform’s wider cyber resilience.
In a DDoS assault, malicious actors bombard a server with junk net visitors to overwhelm it, forcing it offline and leaving respectable customers unable to entry it.
Such crude types of cyber assault are well-known and comparatively frequent – they often kind a key component in hacktivist actions due to their accessibility, which at first look lends a sure component of credibility to Musk’s claims.
Nevertheless, DDoS assaults are launched by way of geographically disperse networks of computer systems and different units which have been co-opted into botnets with out their proprietor’s information or consent. This makes it very laborious to precisely find the people accountable for them.
Tom Parker, cyber safety creator and chief know-how officer (CTO) at NetSPI, stated the magnitude of the assault did strongly recommend the involvement of a classy menace actor nevertheless it was necessary to know that precisely attributing DDoS incidents is “notoriously troublesome”.
“Such adversaries are extremely adept at concealing their tracks. We have to be extraordinarily cautious about pointing fingers and sabre rattling with out clear and compelling proof to display functionality, motive,and certain profit for the get together concerned,” Parker advised Pc Weekly.
“Regardless of latest occasions, I do imagine Ukraine continues to be searching for to foster a extra constructive relationship with the US, which might make it unlikely that the claims of Ukrainian involvement are well-grounded. Somewhat, the state of affairs seems to align extra with a ‘false flag’ operation intentionally crafted to implicate Ukraine.
“As we frequently see in these complicated conditions, essentially the most simple clarification isn’t all the time appropriate, and drawing conclusions prematurely can lead us astray,” he stated.
Professional-Palestine group
Lending extra weight to arguments towards Musk, a pro-Palestinian hacktivist group often known as Darkish Storm Staff subsequently claimed by way of Telegram that it had been behind the incident.
An account on the Bluesky social media platform claiming to be related to this group and showing to have hyperlinks to the Nameless collective, described the DDoS assault as a peaceable protest and stated assaults would proceed.
Jake Moore, international cyber safety advisor at ESET, stated: “Cyber criminals assault from all angles and are extremely fearless of their makes an attempt. Whether or not they’re directed by geopolitical teams or financially motivated gangs, DDoS assaults are a intelligent method of focusing on a web site with out having to hack into the mainframe, and subsequently the perpetrators can stay largely nameless and troublesome to level a finger at.
“This additionally makes it that rather more troublesome to guard from when the panorama is totally unknown aside from having generic DDoS safety. Nevertheless, even with such safety, every year, menace actors grow to be higher geared up and use much more IP addresses comparable to dwelling IoT units to flood methods, making it more and more tougher to guard from.”
Added Moore: “Sadly, X stays one of the vital talked about platforms, making it a typical goal for hackers marking their very own territory. All that may be achieved to future-proof their networks is to proceed to anticipate the surprising and construct much more sturdy DDoS safety layers.”
