To review this article, My Profile and then view the stored stories.
To review this article, My Profile and then view the stored stories.
Matt Burgess
To review this article, My Profile and then view the stored stories.
To review this article, My Profile and then view the stored stories.
The attacks on Lithuania began on June 20. Over the next 10 days, government and corporate websites were bombarded with DDoS attacks, overloaded with traffic, and forced to disconnect. “Typically, DDoS attacks are concentrated on one or two targets and generate massive traffic,” says Jonas Skardinskas, acting director of Lithuania’s National Cybersecurity Center. But it’s different.
This content can also be viewed from where it originates.
A few days before the attacks began, Lithuania prevented the shipment of coal and steel through its country to the Russian territory of Kaliningrad, further strengthening its position for Ukraine in its confrontation with Russia. Pro-Russian hacker organization Killnet published “Is Lithuania Crazy?? ” on its Telegram channel to 88,000 subscribers. The organization then used hacktivists, which brought with it a number of other pro-Russian hacking equipment, to attack Lithuanian websites. A list of targets was shared.
The attacks, Skardinskas explains, were continuous and spread to all areas of life in Lithuania. In total, more than 130 public and private sector websites have been “clogged” or inaccessible, according to the Lithuanian government. Skardinskas says the attacks, which were linked to Killnet, have generally declined since early July and that the government has opened an investigation into thief.
The attacks are just the latest wave of pro-Russian hacktivist activity since Vladimir Putin’s war began in February. In recent months, Killnet has pointed to a developing list of countries that have helped Ukraine but are not directly involved in the war. Internet sites in Germany, Italy, Romania, Norway, Lithuania and the United States have been connected to Killnet. The organization declared “war” on 10 nations. The attacks come after a country has submitted its aid to Ukraine. Meanwhile, XakNet, another pro-Russian hacktivist organization, claimed to have attacked Ukraine’s largest personal power company and the Ukrainian government.
While security experts have warned that Russia’s attacks may target only Western countries, the efforts of volunteer hacktivist teams can have an effect without receiving official help or being led by the state. “In fact, they have malicious intentions when they provoke those attacks,” says Ivan Righi, a senior cyber risk intelligence analyst at security firm Digital Shadows who studied Killnet. “They are not yet working with Russia to help Russia. “
Killnet started as a DDoS tool and was first seen in January of this year, Righi says. invaded Ukraine last February, the organization turned. The vast majority of Killnet’s efforts and those of his “legion” organization (members of the public who are invited to register and launch attacks) have been DDoS attacks, Righi says, however, he has also noticed that the organization is connected to some online page degradations, and the organization itself has made unverified statements that it stole data.
Boyce Upholt
Maggie Chen
John Semley
haley sprinkle
His Telegram channel, where he makes political statements and talks about goals, opened in late February and has gained popularity, and the club has doubled since May. “They started to gain popularity among the public in Russia,” says Righi. Righi says he produces nifty promotional videos and sells his own merchandise.
Although DDoS attacks are not sophisticated, “they can still create uncertainty in the population and give the impression that we are part of the existing political scenario in Europe,” said Sofie Nystrøm, director of Norwegian cybersecurity firm NSM. The country was subject to DDoS attacks in late June.
Russia has long been home to cybercriminals like ransomware groups, which the country has largely ignored as long as they don’t target corporations in Russia. Simultaneously, Russian army hackers have sown global chaos for years, causing power outages in Ukraine, hacking into the Olympics and leading the worst cyberattack in history. Evidence against state-backed Russian hackers has been accumulating since the war began, though Russia has denied launching cyberattacks around the world. The Russian embassy in the United States did not promptly respond to a request for comment.
In April, cybersecurity officials in the United States, Australia, Canada, New Zealand and the United Kingdom warned of the potential damage that pro-Russian organizations, adding XakNet and Killnet, could cause. While it is unclear who Killnet is or if he is subsidized by the Russian state, some other infamous Russian hacktivist organization has been connected to the Kremlin. Last June, U. S. cybersecurity company Mandiant, as Bloomberg first reported, said Russian intelligence agents had passed stolen data to XakNet. Ukrainian officials also posted attacks on DTEK, the country’s largest personal power company, on XakNet. (The organization has published articles about DTEK several times on its 36,000-subscriber Telegram channel. )
“We have noticed that several teams emerged in the context of the Russian invasion of Ukraine,” said Alden Wahlstrom, senior analyst at Mandiant. “Both XakNet and Killnet have dubious provenance. ” Wahlstrom says any accusations of hacktivism will have to be approached with “a healthy dose of skepticism” and that Russian intelligence agencies have an “established history of cutting equipment” for cyber activities. Last week, the cybercriminal organization Trickbot, which is made up of several smaller teams, such as the ransomware organization Conti, which has ties to the Russian state, were detected through IBM targeting Ukraine for the first time. IBM describes the move as a “big change” in the organization’s behavior.
XakNet claimed that it does not work through the Russian government. In a Telegram article in response to Mandiant’s findings, he said he “fully” supports the Kremlin’s position and acknowledges that its activities are not legal. He said he is not cooperating with Russian FSB security. service “at this time” but is “happy to provide knowledge to those who request it. “
Boyce Upholt
Maggie Chen
John Semley
haley sprinkle
It is conceivable that there are links between the Russian hackers’ own teams. In several cases, Wahlstrom says, they posted cross-posts about other teams’ paintings on their Telegram channels. For example, when Killnet asked to target Lithuania, it posted a message asking for help from XakNet, Russian ransomware equipment, and other pro-Russian hacking equipment.
“XakNet and Killnet have given a decent number of media interviews in the Russian media space, which explains why there is at least a possible dual component to some of those activities,” Wahlstrom said. “They help promote Russian interests abroad, whether in Ukraine or beyond, but on the other hand, they are strongly promoted in the Russian media as teams that are presentations of patriotic volunteers that include help for the decisions of the Russian government. “
Killnet responded to a request for comment saying he was “no longer a friend” of XakNet. “Our enemy is your brother in government,” the organization says. “But we’re not harmful to people. “
jenny morber
Chris Stokel-Walker
Matt Burgess
DDoS attacks have also been significant in Ukraine. Officials have created a volunteer computer army, where other people around the world can help launch attacks against Russian targets. The computer military has claimed to remove, at least temporarily, the websites. of Russian ministries, food delivery and banks : one of Putin’s speeches last month was delayed an hour after the cyberattacks. Attacks on Russia also come from hacktivist teams outside Ukraine, such as Anonymous.
Ultimately, as Russia’s war against Ukraine continues, the activity of pro-Russian cyber teams remains in line with Russian objectives. foreign security program at the Center for Strategic and International Studies, a U. S. -based think tank. UU. ” Moscow’s security knows who those operators are and will use some kind of influence to force them to cooperate when necessary. “
Harding says analysts have continually predicted that Russia will use “denying tools” and equipment to react against countries that help Ukraine. While DDoS attacks are sophisticated, they contribute to this effort. And if attacks by so-called hacktivist teams become more advanced, they are more likely to cause more damage or threaten to escalate the conflict. “The threat of miscalculation is real,” Harding says. “No one has tested the limits of cyber operations without causing an escalation. “
? The latest in technology, science and more: get our lyrics!
Know the lobbyist’s door
The “shamanification” of CEO TECH
The first and the time we classify the Star Wars movies
The secrets of Covid’s “brain fog” are to be lifted
The Danger of License Plate Readers in Post-Roe America
?️ Explore AI as before with our new database
✨ Optimize your home life with the most sensible selections from our Gear team, from robotic vacuum cleaners to mattresses and smart speakers
Lily Hay Newman
Lily Hay Newman
Matt Burgess
Matt Burgess
Matt Burgess
Matt Burgess
Lily Hay Newman
Lily Hay Newman
More wiring
Contact
© 2022 Condé Nast. All rights reserved. Your use of this site constitutes acceptance of our User Agreement and Privacy Policy and Cookie Statement and your California privacy rights. Wired may earn a portion of sales from products purchased on our site as part of our component partnerships associated with retailers. Curtains on this site may not be reproduced, distributed, transmitted, cached, or otherwise used unless you have the prior written permission of Condé Nast. Choice of ads