March 11, 2025 - 7:45pm

When considering Elon Musk’s roll call of enemies, it might be easier to ask who doesn’t have it in for the X boss. Yesterday, his social media platform was partly down for several hours, with a distributed denial-of-service (DDOS) attack apparently to blame. Musk alleged afterwards that either a significant coordinated group or a foreign state was responsible for the shutdown, referencing “IP addresses originating in the Ukraine area”.

State-tier malware is increasingly a part of the modern war toolkit. But if the kind of cyberattacks that Ukraine and Russia traded in the run-up to the ongoing war were at the ICBM level, then, low-tech and low-cost, DDOS is the AK-47 of cyber warfare. Though the first recorded attack was in 1996, the problem persists. A DDOS attack wears down its target by triggering a web of computers, normally globally distributed, to fire off requests at the website in question at the same time. The servers are bombarded with thousands or millions of times the usual incoming traffic, which they are obliged to accept.

Yesterday evening, “crypto futurist” Ed Krassenstein claimed to have made contact with the leader of a cybercrime syndicate named Dark Storm Team, via their Telegram channel, who claimed credit for the attack. Krassenstein included screenshots of their conversations as supporting evidence.

Dark Storm Team has been widely labelled in the media as a “pro-Palestine” organisation, in part because it has previously targeted Israeli hospital infrastructure. But this latest salvo apparently wasn’t related to Palestine, with the supposed leader claiming that it was instead “just a demonstration of our strength”. They added that the group is next planning to hit a major African bank, which “will not be able to stop the attack”.

Should we take the word of shadowy hackers? Just as there was a point in the 2000s where al-Qaeda would claim credit for a car misfiring, so too will opportunists in the cybercrime world claim credit to boost their own profiles. A group called Anonymous Sudan once claimed credit for ransoming a twee US fan fiction site, Archive of Our Own. It’s only when the target is named before the attack that any verification is possible.

What is at least clear with the attack on X this week is that a significant amount of money must be behind it. Small-scale DDOS attacks can be performed with rented servers or malware botnets for a few dollars, but scaling that up to the world’s real-time news engine, and then pinning it down for an entire afternoon, requires possibly over $100,000.

Cloudflare — the orange and black box on an interstitial website that you sometimes have to tick before you can proceed — is the internet’s frontline weapon. X began to use it to filter out traffic from IP addresses deemed suspicious, but Cloudflare comes with its own costs in terms of renting the space on its servers. DDOS attackers know this, and will often idle between rounds of attacks, causing websites to spend heavily on surplus cloud capacity. Swatting it eats resources, and the sheer wearing quality of managing security can exhaust big lumbering beasts. More of these local difficulties are likely to be on the way.


Gavin Haynes is a journalist and former editor-at-large at Vice.

@gavhaynes