Q2 targets included the French government.
European elections saw an increase in targeted DDoS attacks.
According to research from StormWall, in Q2 50.4% of all malicious traffic went to targets in EU territories.
The company claimed that during the period of elections - particularly in the UK, France and Germany, as well as for the European Parliament - bot traffic in the EU increased by 1100% during elections, with a peak in DDoS activity on June 5th, and continued to peak until June 6th. The DDoS traffic began to subside until June 9th, when the elections ended.
“Whenever something politically significant happens, such as an election, it will inevitably cause a spike in DDoS attacks, and hackers will target government services in particular — governments are now the most targeted by DDoS and they need to prepare accordingly,” the company said.
StormWall also said it saw a 183% year-over-year growth in the government vertical.
Targeting the French Government
The French Prime Minister's Office reported that “several French government departments have been experiencing a series of cyberattacks in the past day, with the government activating a crisis unit to deal with the attack” in March, which limited access to online government resources
In that instance, Anonymous Sudan claimed responsibility for "a massive cyberattack" on the infrastructure of the French Interministerial Directorate of Digital Affairs on their Telegram channel.
That attack impacted 177,000 IP addresses and over 300 web domains, claimed France 24, as the DDoS attack flooded the websites causing them to go offline.
StormWall said the attackers didn't use advanced techniques, but instead were able to overwhelm protection through sheer volume of requests.
Specific Targeting
In an email to SC UK, Ramil Khantimirov, CEO and co-founder of StormWall, says DDoS attacks have been seen during every EU election in 2024, and this is likely to continue with the upcoming elections in Austria and the Czech Republic in September, and Lithuania in October. "However, as these are regional events, the intensity might be lower compared to what we saw during the European Parliament elections."
Asked if government websites were specifically targeted because of the European Parliament elections, Khantimirov says the attacks were aimed at disrupting the European Parliament elections, and this is known as the attackers very deliberately targeting government websites to disrupt the voting process, and there were no ransom demands.
"The motivation clearly wasn't financial but ideological," Khantimirov says. "What's more, most of the sources of malicious traffic came from outside of Europe or the US. It's likely that the attacks were a result of the complex geopolitical situation."
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
