European Parliament website hit by ‘sophisticated’ cyber attack

The European Parliament’s website was unavailable for several hours on Wednesday, 23 November, immediately following the controversial vote. 

The attack is what’s known as a distributed denial-of-service (DDoS) attack, in which massive amounts of traffic are sent to servers in an attempt to block internet users from accessing websites, Marcel Kolaja, European Parliament member for the Czech Pirate party, confirmed. 

A pro-Russian group called KILLNET appears to have claimed responsibility for the attack in a Telegram post. 

The attack was considered a direct response to the European Parliament’s designation of Russia as a state sponsor of terrorism. The bloc’s members declared that Moscow’s military strikes on Ukrainian civilian targets such as energy infrastructure, hospitals, schools and shelters violated international law.

Although not legally binding, the resolution was backed by a large 494-58 majority with 48 abstentions, including measures to bring anyone responsible for war crimes committed from the start of the Russian invasion in February before an international court. 

“I confirm that the Parliament has been subject to an external cyber attack, but the Parliamentary services are doing well to defend the Parliament,” Dita Charanzová, Czech MEP and Parliament vice president responsible for cyber security, said in a statement.

Shortly after the website went down, European Parliament President Roberta Metsola tweeted: “The European Parliament is under a sophisticated cyberattack. A pro-Kremlin group has claimed responsibility”.

Another senior Parliament official, requesting not to be named, told Politico “it might be the most sophisticated attack that the Parliament has known so far.”

Belgium’s national cyber-security centre confirmed that there’s an investigation at EU level but couldn’t provide further information on the matter.

Nadir Izrael, co-founder and CTO of Armis Security, commented: “The landscape here is greatly evolving and has changed monumentally over the last five years, and we as citizens are not yet used to the idea of cyber warfare being a legitimate tool that a country can employ – but the truth is that we are all on the frontlines.

“Even if the disruption itself doesn’t seem major, a cyber attack on the government can create an underlying fear of chaos amongst citizens. Every country and organisation should think very carefully about its cyber-security posture.”

Earlier this month, the Australian Signals Directorate’s latest annual cyber threat report warned that cyber attacks from criminals and state-sponsored groups had significantly increased in the past financial year, turning the cyberspace into “the domain of warfare”. 

This rise in cyber crime has affected governments and organisations across the world. The UK’s NHS, the US’s Apple, and even the Albanian government, have all suffered severe cyber attacks that have disrupted their services and put their users’ personal information at risk.

The European Union in May agreed on tougher cyber-security rules for essential sectors, with companies required to assess their risks, notify authorities and take measures to deal with the risks or face fines up to 2 per cent of global turnover.