Turkse hacktivisten richten zich op Nederland: high noise, low impact

Politieke spanning leidt tot extra waakzaamheid.

Turkse hacktivisten richten zich op Nederland: high noise, low impact

Als gevolg van de toegenomen politieke spanningen tussen Nederland en Turkije houdt Fox-IT de activiteiten van verschillende Turkse hackersgroepen extra goed in de gaten.

De meeste activiteiten die waargenomen zijn door Fox-IT lijken bedoeld te zijn om de Nederlandse infrastructuur te verstoren. De methoden en technieken die de hackersgroepen hiervoor inzetten, zijn relatief eenvoudig en kunnen worden uitgevoerd door een individu met basiskennis en basisvaardigheden.


Deze blog is alleen in het Engels beschikbaar.

Public websites under DDoS attacks

Targets of ‘disruption attacks’, in the form of Distributed Denial of Service (DDoS) attacks, appear to have been directly related to the conflict between Turkey and The Netherlands, with regards to the denial of two of Turkey’s ministers from visiting The Netherlands on March 11th 2017. Some of the targeted websites had difficulties defending against the DDoS attacks, such as stemwijzer.nl and kieskompas.nl, resulting in downtime, just one day before the Dutch elections.

List of Dutch DDoS targets

Hollanda Operasyonu

Defacements were seen across seemingly random Twitter accounts and Dutch websites, carried out by individuals which gathered on publically accessible hacking forums, where hackers were called to arms, using operation names such as Hollanda Operasyonu (translated: Holland Operation).

An example of a WordPress website (iwiweb.nl) defaced, using the recently disclosed WordPress content injection vulnerability, can be seen on the image below:

Methods, techniques and solutions

Most of these defacement attempts can be stopped by following basic security guidelines, such as regularly updating WordPress & other software installed on the webserver.

The full write-up describes several methods and techniques used by the Turkish hacker groups in order to compromise, deface or disrupt online Dutch infrastructure.

Nu bij Fox-IT

Neem contact op

+31 (0) 15 284 79 99

fox@fox-it.com

Delft