Cyberattacks led by one nation state or another happen all the time. It’s not always easy to attribute direct blame for them, including DDoS attacks, as the players rarely take public responsibility for their actions.
International concerns over nation-state sponsored cyberattacks on important infrastructure of other states go back at least ten years.
In 2007, Estonian authorities alleged that computer hackers aligned with the Russian government had launched DDoS attacks against Estonian banks, newspapers, political parties and government agencies. The motivation was said to initially be an Estonian decision to move a Soviet World War II memorial from downtown Tallinn, a gesture that provoked outrage from Russia and in The Guardian’s words, led to “their worst dispute since the collapse of the Soviet Union”. The Russian government denied involvement. Nato offered the support of some of its leading cyberterrorism experts to Tallinn to investigate and to help strengthen Estonia’s electronic defences.
Most recently, the Washington Post reported that the U.S. was involved with a set of offensive cyberattacks against North Korea. Apparently President Trump signed a directive early in his tenure to put pressure against North Korea via diplomatic and cyber-military actions, including a DDoS campaign with the goal to flood North Korea’s spy agency’s servers with traffic, preventing its access to the Internet.
It is unclear how long the DDoS attack lasted and when precisely it was launched, but the Post reported that it “was due to end” on September 30th, 2017. The overall campaign against North Korea, which included pressuring other nations to sever ties with Pyongyang via diplomatic means, began in March 2017.
It was reported that the campaign was aimed at putting pressure on the country rather than destroying its infrastructure, and demonstrating the U.S.’s capability to cripple an adversary’s cyberwar abilities.
“The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries,” the White House had said when the President had elevated its status to a combatant unit. “Through United States Cyber Command, we will tackle our cyberspace challenges in coordination with like-minded allies and partners as we strive to respond rapidly to evolving cyberspace security threats and opportunities globally.”
However, others were concerned that the attack might be seen as an act of war by the North Korean administration, which could retaliate against the U.S.’ own critical infrastructure, which some say has already been compromised.
In 2016, the North Korean government was suspected of launching cyberattacks against Asian banks in South Korea, Bangladesh, the Philippines and Vietnam for financial gain.
Cyberattacks by nation-state actors may have a variety of targets, from private citizens’ personal data to corporate intellectual property to energy infrastructure.