Debilitating Increase Seen in Cyber Attacks Against Advocacy Groups

Hackers and scammers have always kept a keen eye on the news cycle, and absolutely subscribe to the famous mantra “never let a good crisis go to waste.” Hackers and scammers have a penchant for capitalizing on uncertainty, disinformation, and other newsworthy items to make their efforts more successful. Unfortunately, in the wake of increased protests and action by advocacy groups following the murder of George Floyd, hackers have seized on the opportunity to attack those who are trying to help through the use of DDoS attacks.

“Hold up - what’s a DDoS?”

A Distributed Denial of Service attack, or DDoS (pronounced dee-daws), is a type of cyber attack that attempts to overwhelm a company, server, or even an app by bombarding it with bad or junk requests. These requests cause normal processes (like processing web searches, photo uploads, or even serving up the freshest memes) to stop working correctly; effectively bringing down a website, taking servers offline, and ultimately not allowing an organization to conduct business over the internet until it stops.

What makes a DDoS attack tricky is the “distributed” nature of it. The attacks will appear to be coming from all over the globe, usually from computers and servers that are infected with malware. This means that many people don’t realize that their computer is part of a DDoS attack. Even worse, the “distributed” nature of the attack prevents IT and cybersecurity teams from easily blocking the offending requests and stopping the attacks.

Over time, technology has gotten better about stopping these attacks, and some companies, have stepped up to provide DDOS remediation technology through the use of the cloud.

“Got it. So how are DDoS attacks being used?”

Cybersecurity researchers have seen an overall uptick in DDoS attacks against organizations; most likely as an attempt to bring their remote workforce offline. In this case, researchers at Cloudflare noted a staggering increase of 1,120 times more attacks against groups who are conducting advocacy work in the last week of May. This meant that those groups who saw almost no attacks previously were now receiving almost 20,000 requests per second. Even servers for ticket companies selling seats to the hottest concerts don’t see that many requests (and we all know how frustrating that can be). In addition, attacks were up 1.8 times on military sites, and 3.8 times against government sites.

While the goals of hackers and scammers are generally not known, in this case, they may be seeking to stop donations or the important work that many of these organizations are conducting. In addition, they may be attempting to break into these organizations and steal the increased donations they may be seeing. We have seen similar tactics that follow money previously with tax returns and the COVID-19 economic stimulus checks.

What does this mean? It means that if your organization is considered an advocacy group and you are not protected against DDoS attacks, you may be at risk for having your entire operation, including the ability to accept donations, brought to a halt.

“Ok, so my organization may be at risk. What should we do?”

First, don’t panic. Help is on the way.

Second, that same company we noted above from that study, Cloudflare, also provides DDOS protection services. Best of all, they offer it to qualifying organizations for free through their Project Galileo. If you believe you are at risk, you should apply right away!

Finally, Hive Systems offers pro bono consulting services to qualifying organizations through our program, Hive Helps. If you believe your organization is at risk, submit an application today so that we can help you have a safer tomorrow.

Follow us - stay ahead.

Read more of the ACT