Websites run by Spain’s Ministry of Public Works & Transport and its constitutional court were the latest victims of a campaign being run by Anonymous in support of Catalan independence.
Anonymous has defaced several websites belonging to the Spanish government to demonstrate its support for the Catalan cause.
Hackers belonging to the vigilante hacker group dubbed Anonymous have been running a consistent campaign in favour of a referendum calling for independence of Catalonia from Spain. In the past month, they have been successful in defacing several government websites and had, in fact, announced their intent in advance.
‘In the name of all the Catalan independence and democracy, Anonymous Catalonia asks all the Anons of the world who are in favour of the freedom of expression […] and peaceful dialogue to persist in the #FreeCatalonia operation until 29 October 2017,’ said the group.
Despite being aware of the hacking operation in advance, the Spanish government has done little to protect its websites from being taken offline by the hackers.
‘Hacktivist group Anonymous, through associated Twitter accounts, is announcing a massive cyberattack for tomorrow. In the last few weeks, state websites have received different cyberattacks under the same slogans,’ said the Spanish government’s Departamento de Seguridad Nacional (Department of National Security) a day before two more websites were shut down.
This isn’t the first time that Anonymous is targeting the Spanish government and its websites. In June 2011, the group had taken down the official website of the Spanish police after the force had succeeded in arresting three members of the vigilante group. In both occasions, Anonymous used DDoS attack as its weapon of choice.
‘DDoS attacks are increasingly being used as a weapon against established authorities to disrupt both political processes and organisations. Cyber criminals and protesters are wise to the amount of disruption a DDoS attack can cause, as taking a site offline can massively discredit an organisation’s credentials, and highlights the weaknesses in authoritative structures,’ says Rob Bolton, Director, and GM, Western Europe, at Infoblox.
‘Many organisations still do not have a sophisticated DNS protection strategy in place, making attacks like these easy for cybercriminals to carry out successfully. While there is no easy way to ensure complete DNS security – there are a few steps an organisation can take to mitigate and respond to DNS-based DDoS attacks.
‘Organisations should monitor their DNS traffic and obtain a baseline so that, when an unforeseen event does occur, they can instantly see the fluctuation away from that baseline, allowing them to react quickly and decisively. Whilst it may not always be clear what an attack looks like, anomalies will be more easily identifiable.
‘IT teams should also continually scrutinise internet-facing infrastructure for single points of failure by going beyond external authoritative name servers, and checking on the switch and router interactions, firewalls, and connections to the internet. Once organisations have these measures in place, it will become much easier to prevent successful DDoS attacks,’ he adds.