Pakistani hackers targeted Indian Army and Navy websites
The Pakistani hacker organization Team_insane_pk has targeted more than 20 Indian government and corporate websites, primarily defense websites, in a response for alleged oppressions of religious minorities in India. The hacker group launched a distributed denial of service (DDoS) attack against these websites. A DDoS attack is considered the most difficult to defend because security equipment such as firewalls and web application firewalls struggle to distinguish between legitimate traffic and traffic created by bots. The botnets used in DDoS attacks are frequently made up of thousands of compromised computers around the globe.
According to available information, the following websites were attacked on the morning of May 18, 2023, and the attack lasted until noon.
This is not the first time this Pakistani hacker group has targeted Indian government websites. The same group targeted the Indian Railways and the police department of Mumbai two days ago. It is believed that they are targeting Indian websites to protest the alleged oppression of minorities in India.
There are some techniques that can be used to defend against such a targeted DDoS attack.
1: Reduce attack surface area by putting your internet exposed applications and systems behind Content Distribution Networks (CDNs) or load balancers and limiting direct Internet traffic to certain parts of your infrastructure, such as your database server, etc.
2: Use the computation resources, which can be scaled up as and when required.
3: Deploy the AI/ML based Web Application Firewall (WAF), which has botnet detection and protection capabilities.