Last Updated on 05/03/2022 by Nidhi Khandelwal
The Russian government released a large list on Thursday featuring 17,576 IP addresses and 166 domains it claims are behind a series of distributed denial-of-service (DDoS) attacks directed against its domestic infrastructure as the ongoing Russia-Ukraine war escalates.
The US Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), and the websites of several media outlets such as USA Today, 24News.ge, megatv.ge, and Ukraine’s Korrespondent magazine were among the notable domains in the list released by Russia’s National Coordination Center for Computer Incidents (NCCCI).
The agency advises organizations to ringfence network devices, enable logging, change passwords associated with key infrastructure elements, turn off automatic software updates, disable third-party plugins on websites, enforce data backups, and be wary of phishing attacks as part of its recommendations to combat DDoS attacks.
“Use DNS servers from Russia. To prevent your organization’s users from being misdirected to malicious resources or other harmful behavior, utilize the corporate DNS servers and/or the DNS servers of your telecom operator “The NCCCI went on to say.
The move comes as the ground conflict has been bolstered by a torrent of cyber attacks in the digital sphere, with hacktivist groups and other vigilante actors assisting the two countries in attacking government and commercial websites and leaking massive amounts of personal data.
Even as major internet failures have been reported in several parts of Ukraine, such as Mariupol and Sumy, according to global internet access watchdog NetBlocks, Russia is alleged to have implemented extensive limitations on Facebook access within the country.