The attack that targeted the National Assembly website on Monday, March 27, used a process well known to hackers around the world: distributed denial of service (DDoS). In concrete terms, this involves flooding the servers hosting a website with connections, to the point that they can no longer correctly distribute the data to all Internet users wishing to consult it. Result: An error message is displayed for all. Cheap, relatively easy to handle, DDoS is “the weapon of the poor” and ensures a significant media impact.
This was also the effect sought by the group of pro-Russian hackers NoName057(16), at the origin of the attack, according to Ivan Fontarensky, technical director of cyber defense at Thales. Without stealing confidential data or jeopardizing sensitive computer systems, the opposing group sent a message: Russia can strike France and its most critical institutions in cyberspace.
However, we are far from an act of cyberwar: the attack is a priori only symbolic and the means used do not involve an elaborate computer weapon, such as a malicious code which would have been installed on systems of the National Assembly or penetration of sensitive networks of this essential body of legislative power.
Protection against DDoS attacks is relatively complex, in that attackers can continually and automatically try new methods of overrunning the target until one works.
However, according to the cybersecurity group Avast, the NoName057(16) group only succeeded in 40% of its attacks between June and September 2022, against Western targets in Estonia, Lithuania, Norway and Poland, for a control center which was, at the time, located in Romania, and may still be.
In August 2022, when Finland announced its intention to join NATO, hackers attacked the country’s parliament, government and police. Avast also estimates that one in five attacks claimed by the pro-Russian group would not actually be an operation carried out by its hackers and would therefore be claimed wrongly.