Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

Meet Killnet, Russia’s hacking patriots plaguing Europe – POLITICO | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


A rag-tag group of Russian hacktivists is targeting European governments, infrastructure and even its prized Eurovision song contest with cyberattacks and disinformation campaigns, in an effort to deter support for Ukraine in the war.

The pro-Kremlin hacker collective by the name of Killnet has launched a barrage of attacks on Western government networks and critical infrastructure this summer, loudly claiming victories on social media channels and in Russian media and causing headaches for Russia’s adversaries’ security authorities.

Killnet is radically different from Russia’s highly skilled hackers working for its intelligence agencies’ groups like Fancy Bear and Sandworm, which have gained fame through hacks of the U.S. Democratic National Committee and launching the devastating ransomware called NotPetya, respectively. Killnet, on the other hand, is more like an angry, nationalist online mob armed with low-grade cyber-offensive tools and tactics. Its big success is in setting a narrative about the war.

“Many in Russia see them as a hero,” said Stefan Soesanto, a researcher at the Center for Security Studies at ETH Zurich tracking hacktivist activity in the conflict. “Killnet’s aim is to make Europeans pay for their unequivocal support of Ukraine and punish Western governments for their anti-Russian sentiment.”

The group rose to fame for launching distributed denial-of-service (DDoS) attacks and “defacing” websites in which they post pro-Russian messages on websites they hack. It first appeared in January as a cybercriminal hack-for-hire vendor, but when Russian tanks invaded Ukraine at the end of February, the group quickly turned very vocal in its backing of Russia’s offensive.

“KillNet works in an emotional way. They seek revenge and retaliation against wrongs they believe have been dealt against Russia and its people,” said the researcher known by his online pseudonym CyberKnow, who monitors threat groups and publishes research on a cybersecurity tracker. CyberKnow requested not to disclose his real name. “They are extremely reactionary to current geopolitical events.”

One of Killnet’s more high-profile attacks was in May against the Eurovision song contest | Giorgio Perottino/Getty Images

In past months it has targeted more than 10 Western countries, including Latvia, Lithuania, Norway, Italy, the U.S. and most recently Estonia. One of the group’s more high-profile attacks was in May against the Eurovision song contest. Russia was banned from competing in the competition, so the hacker group attempted a DDoS attack. Italy’s police department thwarted the attack, but not without the country suffering retaliatory hits against its Senate and National Health Institute websites.

In June, KillNet’s targeting of Lithuania propelled it to a new level of popularity in Russian media, following Vilnius’ blockade of goods to the Russian territory of Kaliningrad. In a video message circulated online, the group demanded that Lithuania allow the transit of goods to Kaliningrad; otherwise, attacks would continue. Ultimately, the attack had “limited success” according to the country’s Vice Minister of National Defense Margiris Abukevičius, with few web pages taken down — but the attention it garnered was huge.

Estonia was targeted August 17, but authorities said the attack on e-government services had gone “largely unnoticed” by Estonian citizens.

Cybersecurity professionals describe the group as more of a nuisance than a menace. Most countries on the receiving end of its attacks have been able to fend off the attacks or easily recover from them. A research paper published last month said the role hacktivist communities have played in the Ukraine war was “minor,” adding that “rather than targeting critical infrastructure, there were mass attacks against random websites within ‘.ru’ and ‘.ua’. We can find no evidence of high-profile actions.”

But Killnet’s success lies not in its sophistication or abilities to hack, infiltrate and bring down networks. The group has made its mark by loudly claiming victory when managing to block services — with crafty PR that includes flashy announcement videos, memes and watermark images that are shared on social media and reported by news outlets.

The war has pitted Killnet against similar collectives backing Kyiv. Hacking group Anonymous declared war on Russia early on in the conflict and the Ukrainian government has mobilized its domestic IT sector and international sympathizers to form an “IT Army of Ukraine” that is coordinating cyber campaigns and attacks on Russian targets.

The Russian patriots are fighting an uphill battle against Ukraine’s widely supported hacktivists, researchers said. “Unlike Killnet, the IT Army is incredibly persistent in targeting one specific target for weeks or months on end, like the list of financial institutions they published as targets early on in the war,” said Soesanto. “They are probably more effective than Killnet by a magnitude of 100.”

Killnet has said it wants to cooperate with the Russian government, but so far there are no signs it’s under the direct control of state officials.

Still, its clear pro-Kremlin stance could be a problem for Russia. “It makes Russia potentially responsible for the damage caused by such operations, unless authorities in Moscow distance themselves from such malicious operations,” said Patryk Pawlak, executive officer at the EU Institute for Security Studies.

This article is part of POLITICO Pro

The one-stop-shop solution for policy professionals fusing the depth of POLITICO journalism with the power of technology


Exclusive, breaking scoops and insights


Customized policy intelligence platform


A high-level public affairs network

pl_facebook_pixel_args = [];
pl_facebook_pixel_args.userAgent = navigator.userAgent;
pl_facebook_pixel_args.language = navigator.language;

if ( document.referrer.indexOf( document.domain ) < 0 ) {
pl_facebook_pixel_args.referrer = document.referrer;
}

!function(f,b,e,v,n,t,s)
{if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};
if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';
n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t,s)}(window, document,'script',
'https://connect.facebook.net/en_US/fbevents.js');

fbq( 'consent', 'revoke' );
fbq( 'init', "394368290733607" );
fbq( 'track', 'PageView', pl_facebook_pixel_args );

if ( typeof window.__tcfapi !== 'undefined' ) {
window.__tcfapi( 'addEventListener', 2, function( tcData, listenerSuccess ) {
if ( listenerSuccess ) {
if ( tcData.eventStatus === 'useractioncomplete' || tcData.eventStatus === 'tcloaded' ) {

__tcfapi( 'getCustomVendorConsents', 2, function( vendorConsents, success ) {
if ( ! vendorConsents.hasOwnProperty( 'consentedPurposes' ) ) {
return;
}

const consents = vendorConsents.consentedPurposes.filter(
function( vendorConsents ) {
return 'Create a personalised ads profile' === vendorConsents.name;
}
);

if ( consents.length === 1 ) {
fbq( 'consent', 'grant' );
}
} );
}
}
});
}

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW