{"id":355,"date":"2024-12-11T11:58:23","date_gmt":"2024-12-11T11:58:23","guid":{"rendered":"https:\/\/blogs.kent.ac.uk\/cyber-institute-news\/?p=355"},"modified":"2024-12-20T09:06:42","modified_gmt":"2024-12-20T09:06:42","slug":"icss-researcher-co-authored-a-research-paper-on-exploring-the-impact-of-ddos-hacktivism-in-the-russo-ukrainian-war","status":"publish","type":"post","link":"https:\/\/blogs.kent.ac.uk\/cyber-institute-news\/2024\/12\/11\/icss-researcher-co-authored-a-research-paper-on-exploring-the-impact-of-ddos-hacktivism-in-the-russo-ukrainian-war\/","title":{"rendered":"iCSS researcher co-authored a research paper on exploring the impact of DDoS hacktivism in the Russo-Ukrainian War"},"content":{"rendered":"

iCSS Core Member and Operations Lead Dr Budi Arief<\/a> and his collaborators, Ya\u011f\u0131z Y\u0131lmaz<\/a>, Dr Or\u00e7un \u00c7etin<\/a>, \u00d6mer Said \u00d6zt\u00fcrk<\/a> and Emre Ekmek\u00e7io\u011flu<\/a>\u00a0from Sabanc\u0131 University (Turkey) and Professor Julio Hernandez-Castro<\/a> from Universidad Polit\u00e9cnica de Madrid (Spain), have found evidence that the Russo-Ukrainian War had spilled into the cyber space, demonstrating that modern warfare is likely fought both in the physical and cyber realms.<\/p>\n

The team\u2019s recent paper, \u201cAssessing the Silent Frontlines: Exploring the Impact of DDoS Hacktivism in the Russo-Ukrainian War\u201d, was presented at the prestigious Annual Computer Security Applications Conference (ACSAC)<\/a>, which celebrated its 40th<\/sup> anniversary in Honolulu, Hawaii, USA during this year\u2019s conference on 9-13 December 2024.<\/p>\n

The research assessed the impact and effectiveness of Distributed Denial of Service (DDoS) attacks conducted by entities associated with the belligerents of the Russo-Ukrainian War. DDoS attacks \u2013 in which an attacker would bombard their target\u2019s website with a high volume of internet traffic in order to disrupt, overwhelm, or even take down the services provided by that website \u2013 are increasingly utilised in modern armed conflicts and political tensions between nations. This signals a significant shift in the landscape of modern conflict, underscoring the increasing importance of the cyber domain as part of the battlefield. This transition not only amplifies the complexity and reach of conflicts, but also introduces many novel cybersecurity challenges. For instance, DDoS attacks and other forms of cyberattack may act as extensions of state power and serve as asymmetric tools for non-state actors to take part and contribute in the conflict, in order to accomplish strategic objectives without resorting to open warfare. As such, DDoS attacks play an important role in modern hacktivism, in which volunteers would donate their time and resources \u2013 and even systematically organise themselves by creating and maintaining targets list \u2013 to support their side of the war.<\/p>\n

The lead author, Ya\u011f\u0131z Y\u0131lmaz, is a former Master\u2019s student at Sabanc\u0131 University. He explained the motivation behind this research: \u201cWe knew that DDoS attacks are widely deployed in the Russia-Ukraine cyber conflict, however their extent and effectiveness were still unknown. We aimed to address this gap through our study, based on empirical data gathered and analysed from the conflict.<\/em>\u201d<\/p>\n

To be able to measure the reach and actual impact of DDoS attacks in the Russo-Ukrainian War, the team compiled two lists of DDoS targets \u2013 one for each side of the war. The team then set up several monitoring servers across the globe to observe and collect data regarding the Quality of Service of these targeted websites. The data provided quantitative measure of the performance and the status of the targets after experiencing DDoS attacks, allowing the team to measure the effectiveness of these DDoS attacks.<\/p>\n

One of the key findings from the research is that the pro-Russian side appeared to have more impactful attacks than the pro-Ukrainian side. Over one-third of the websites targeted by pro-Russians entities went completely down, while only one-quarter targeted by the pro-Ukrainian entities suffered the same fate. Dr Arief added: \u201cAn interesting observation from this study is that there were many instances of repeated target registrations by pro-Ukrainian entities. On the one hand, this might indicate a higher level of hacktivism among the pro-Ukrainians, but unfortunately this did not necessarily translate into a higher rate of success.<\/em>\u201d<\/p>\n

One of the most common ways to combat DDoS attacks is by employing DDoS protection companies. Dr Cetin mentioned another important observation: \u201cWe found that the rates of DDoS protection usage were remarkably low: overall, below 14% of the targets showed any indications of using these services. Additionally, we observed that some targets in Russia were able to obtain DDoS protection services from companies based in countries that are supposed to be applying an embargo on Russia, notably the US.<\/em>\u201d<\/p>\n

The latter observation opened up an interesting debate, as pointed out by Professor Hernandez-Castro, an iCSS Honorary Member and also a former professor at the University of Kent: \u201cWe were quite surprised to discover that a significant number of targets on the Russian side were using anti-DDoS services and technology provided by countries that have for a long time imposed economic and commercial sanctions on Russia. This may or may not be strictly illegal, but it is without question against the spirit of these sanctions.<\/em>\u201d<\/p>\n

The authors\u2019 version of the paper is available to download from KAR (Kent Academic Repository) of the University of Kent at https:\/\/kar.kent.ac.uk\/107797\/<\/a>. The paper’s presentation at the Conference, given by Professor Hernandez-Castro, can be found on iCSS’s YouTube channel<\/a> as a video recording, which can also be watched below as an embedded video.<\/p>\n