They had attacked the France-Visas site the day before, blocking its access for several hours, as noted by Numerama. The pro-Russian hacktivists of UserSec attacked several sites of the French administration on Thursday, June 29, also targeted by denial of service attacks. The operation resulted in the impossibility of accessing the site of the Ministry of Justice in the afternoon, noted ZDNET.fr.
This platform is however necessary for the good information of the litigant. The sites of the ministries of the economy or the gendarmerie, also targeted, were online two hours after the claim of the denial of service attack.
Resurgence of DDoS
Claimed on UserSec’s Telegram, a channel of hacktivists calling for the fight against the West and the defense of Russia created in January 2023, the attack is not isolated. In the spring, several denials of service had targeted, for example, the National Assembly, Naval Group or the National Institute of Labour, Employment and Vocational Training. These attacks were claimed by another group of pro-Russian hacktivists, NoName057(16).
Back since the Russian invasion of Ukraine, denial of service attacks are one of the preferred modes of action by hacktivists. Technically quite simple, they make a lot of noise while their impact remains most of the time very anecdotal. As Mathieu Feuillet pointed out during a recent conference, this kind of attack can however contribute to the “anxiogenic climate” and disorganize the specialists. The wave of denial of service attacks in 2015 had thus aroused “enormous media pressure” and “great concern from the political authorities”, said the Deputy Director of Operations at Anssi.
Eight years later, “there are still entities that do not have anti-DDoS means in place, there are still efforts to be made because this should no longer really be a subject”, had also observed this expert.
DDoSia Project
Beyond the protection efforts to counter this kind of attack, it is also interesting to understand the organization of the attackers. Already scrutinized by Avast, NoName057(16) has just passed the Sekoia grinder. The French company’s experts looked at the DDoSia denial of service attack toolbox, a key tool for mobilizing a community. On Telegram, seven sub-channels are dedicated to this project, with channels dedicated to exchanges, sharing of manuals and resources, with support for targeting suggestions.
According to Sekoia’s analyses, NoName057(16) first targeted Lithuania, Ukraine and Poland between May 8 and June 26. That is a total of 486 targeted sites. France appears only in 8th place, with around 5% of denial of service attacks directed against it. This group of hacktivists, notes the company, “is very reactive to political communication”, targeting for example the RATP shortly after the presidential announcement of an air defense system in Kiev.
Proof of this reactivity: attacks against Wagner were thus observed during the brief coup attempt by the mercenaries of this sulphurous Russian private military company.