Minnesota’s Governor Walz characterized the distributed denial-of-service attacks against state services as “very sophisticated.” The Hill quotes him as adding, “That's not somebody sitting in their basement.” But it very well could have been the work of proverbial basement-dwellers. As StateScoop and others point out, distributed denial-of-service attacks are commodity attacks. They can be hired for less than $20.
Anonymous has also resurfaced during the Minnesota-centered unrest, although distinguishing the real Anonymous (insofar as an anarchist collective can be said to have a real, enduring identity) is, as Motherboard notes, difficult. Anyone can claim to represent Anonymous. It’s perhaps significant that a lot of the chatter nominally from Anonymous is amplified through K-Pop social media fan accounts. Both the Washington Post and CyberScoop dismiss the claimed Anonymous operations as derivative fizzles, either an attempt to regain relevance or the work of wannabes and re-enactors.
There’s also inauthenticity in the chatter related to the unrest, some from foreign intelligence services, and some from rival extremists flying false flags, NBC reports.
The US Cyberspace Solarium Commission this morning issued a white paper on lessons learned about cybersecurity from the COVID-19 pandemic. For the most part those lessons reinforce the Commission’s policy recommendations, but they also see interesting analogies between a pandemic and a major cyberattack. They’re both global crises that call for a whole-of-nation response. Both call for an environment that makes it possible for solutions to emerge. And in both cases, “prevention and preestablished relationships” are better than deterrence and response.