How global conflicts influenced cyber attack behaviors
Blog post from Sysdig
The conflict between Russia and Ukraine has significantly influenced cyber attack behaviors, leading to a notable increase in Distributed Denial of Service (DDoS) attacks as both government-backed threat actors and civilian hacktivists take sides. This cyberwarfare component has resulted in a fourfold rise in DDoS attacks between late 2021 and early 2022, with more than 150,000 volunteers joining anti-Russian campaigns using container images from platforms like Docker Hub. The Sysdig Threat Research Team (TRT) observed a shift from cryptomining activities to DDoS attacks, as attackers exploit unsecured infrastructure and cloud-hosted websites, often bypassing common protections with methods such as SYN flood and Layer 7 attacks. These attacks have caused significant disruptions, including outages in NATO countries, and highlight an evolving threat landscape in which political motives intertwine with financial gain, as evidenced by the continued prevalence of cryptojacking activities. The conflict's digital dimension illustrates the rapid scaling and organization of cyber campaigns, facilitated by technologies such as containers, and emphasizes the complex interplay between geopolitical events and cybercrime.