Non-profit organisation the EU Disinfo Lab has had its website knocked offline for the bulk of today in an apparent sustained DDoS attack.
The site was first reported offline at 11:30 am BST and was still offline at 17:30 as Computer Business Review published.
The NGO described the incident as a “brute force cyberattack”. It was not immediately clear if it meant this specific term (a cryptographic hack that relies on guessing possible combinations of a targeted password) or a DDoS attack.
Staff members reached by our team suggested that they had been requested not to offer too many details about the attack, but suggested it was DDoS-based.
We want to inform you that our website is currently experiencing a brute force cyberattack, which explains why it is down. We will let you all know once this is resolved.
— EU DisinfoLab (@DisinfoEU) July 20, 2020
The NGO describes itself as “an independent non-profit organisation focused on tackling sophisticated disinformation campaigns”
Among its recent projects was a hard hitting report on hidden ties between publications ObservateurContinental.fr and OneWorld.press with the news agency InfoRos.ru, which has been linked to Russian military intelligence.
EU Disinfo Lab in DDOS attack
The incident suggests that despite smaller DDOS-as-a-service attacks proliferating that are typically easily blocked with the right defences in place, and even a flurry of recent record-breaking attacks being blocked by AWS and Akamai respectively, the unwary can still be taken offline.
DDOS attacks have been steadily on the rise, particularly during lock-down.
Researchers at cyber security company NexusGuard have found that between Q4 in 2019 and Q1 in 2020 there has been a 542% surge in DDOS attacks. Those working on the project have said that this may be due to large numbers of people working from home where possible during the pandemic.
Some of these DDOS attacks are small enough to be overlooked by ISPs, which can give threat actors the space to hack into a company unnoticed. The company dubbed these “invisible killer attacks”. Such violations result from drip feeding doses of junk traffic into a large IP pool to clog the target.
We will update this when we learn more.