Pro-Russia group Killnet has claimed responsibility for the attack, which occurred after EU lawmakers declared Russia a ‘state sponsor of terrorism’.
The European Parliament website was hit by a “sophisticated” cyberattack that may have been carried out by a pro-Russia hacker group.
The cyberattack came soon after EU lawmakers passed a resolution declaring Russia a “state sponsor of terrorism” for Moscow’s attacks on Ukrainian civilian targets.
Dita Charanzová, the parliamentary vice-president responsible for cybersecurity, tweeted that the European Parliament was subject to a “sophisticated” cyberattack just moments after the resolution was passed yesterday (23 November) and that pro-Russia hackers had claimed responsibility.
“Our IT experts are pushing back against it and protecting our systems,” tweeted European Parliament president Roberta Metsola after the incident. “This, after we proclaimed Russia as a state sponsor of terrorism. My response: #SlavaUkraini.”
The European Parliament is under a cyber attack. As Quaestor responsible for ICT equipment, I've been in touch with the IT department and we will do our best to defend our institution.
This happens after the European Parliament declared Russia a state sponsor of terrorism.
— Marcel Kolaja (@PiratKolaja) November 23, 2022
It was a DDoS attack – in which a server is overwhelmed with traffic intentionally – which is a favourite tactic among Russian hackers.
An unnamed senior European Parliament official told Politico in the aftermath of the incident that “it might be the most sophisticated attack that the Parliament has known so far”.
‘They aren’t the only ones’
CybSafe CEO Oz Alashe said the attack is a reminder of “how vulnerable many of us are” when it comes to cybersecurity. “Oftentimes the networks being used to initiate these attacks have been compromised due to poor cybersecurity hygiene, awareness and behaviour.”
However, there are ways to prepare. Alashe said that some of the ways in which organisations can protect themselves is by increasing network security, continuously monitoring web traffic and using multiple servers that are difficult to attack at once.
“More importantly, however, this event highlights the need for cybersecurity to be treated as an active process rather than a compliance exercise. If institutions like the European Parliament are vulnerable, they aren’t the only ones.”
Oliver Pinson-Roxburgh, CEO of Defense.com, added that there is lesson from this attack on the European Parliament for all government and public sector organisations: “Prioritise improving cyber defences to avoid any disruption in the delivery of vital services to citizens.”
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.