The online editions of Sweden's media elite were knocked offline for several hours by a coordinated cyberattack on 19 March, in what has been branded an 'attack on free speech' by high-ranking politicians.
Hackers were able to cripple the media organisations with the use of a distributed denial-of-service (DDoS) tool and several firms were impacted in the attack, including Dagens Nyheter, Svenska Dagbladet, Expressen, Aftonbladet, Dagens Industri, Sydsvenskan and Helsingborgs Dagblad. DDoS tools are frequently used by 'hacktivists' and cyber-criminals to send a flood of traffic to overwhelm a website's server with the aim of taking it offline.
Jeannette Gustafsdotter, chief executive of the Swedish Media Publishers' Association, told Dagens Nyheter that the attack was 'severe'. She said: "We do not yet know who is behind the attacks, but what has happened is a threat to democracy."
Prior to the incident, an anonymous Twitter account with the username @_NotJ warned the attacks were imminent and accused the targeted websites of reporting 'false propaganda' yet did not specific exactly what story had caused such offence. The Twitter account in question only follows one person who is under the pseudonym @AppleJ4ckxoxo and regularly tweets about hacking and data breaches. Additionally, the '@AppleJ4ckxoxo' user only follows 12 people, two of which are accounts relating to the notorious Lizard Squad hacking collective.
Swedish police forces have now launched an investigation into the attack. Anders Ahlqvist, a police cybersecurity expert said he has contacted 'national and international' partners to locate the culprits. "We have seen major attacks in Sweden before, for example in connection with [Julian Assange] and Anonymous, but not this coordinated. It's remarkable," he asserted.
Ahlqvist added that his team has found the DDoS attacks originated from 'the east' however refused to say exactly what country or region he was referring to. The investigator added that just because internet traffic comes from a certain place that does not always mean the hackers responsible are based there.
An attack on free speech
Anders Ygeman, the Swedish minister for home affairs took to Twitter and called the attack "a deeply disturbing attack on the media and free speech."
Yet as the authorities noted, this is not the first time Sweden has been caught up in DDoS-style cyberattacks. Following the announcement that it would fight the decision to grant WikiLeaks founder Julian Assange bail in the UK, the website of the Swedish Prosecution Authority was targeted in a similar flood of traffic by Anonymous. Additionally, Lizard Squad inadvertently managed to crash the broadband connection of the Swedish internet grid in 2014 after a DDoS attack on a gaming website left customers of Telia, Sweden's largest ISP, without service for nearly an hour.