Portuguese company VisionWare detected 961 cyber attacks by pro-Russian hackers against Western countries and organisations between October 2022 and March 2023, according to an official report sent to Lusa on Thursday.
The report, titled ‘The Action of Pro-Russian Cyber Groups Against NATO Member States’, focuses on the cybercriminal activity carried out by hacker groups KillNet and ‘NoName057(16) and verified by Portuguese company VisionWare.
Speaking to Lusa, Bruno Castro, founder and CEO of VisionWare, admitted that there is no confirmation that the pro-Russian hacktivism is state-sponsored and that the possible involvement of the Kremlin “is unclear”.
“There is no material to conclude that the groups are affiliated with the Kremlin (or the GRU – Central Intelligence Department or the FSB – Federal Security Service of the Russian Federation). However, there is a very well-coordinated offensive strategy, in line with the interests of the Russian government,” he emphasised.
The centre produces geopolitical reports on the threats under study, monitors risk actors, notifies in real time whenever institutions’ data is compromised, produces analysis and study reports on the main threats and actors, divided by time and risk sector.
According to the report, 8,347 messages were analysed on Telegram: 6,805 referring to Killnet and 1,542 referring to NoName057(16).
During the period analysed, the groups targeted sectors related to ‘government, banking and defence’ the most, with 371 attacks. January 2023 was the month with the highest frequency of attacks, with 333, or about 35% of the total.
Portugal was the victim of two KillNet attacks, which hit the national health authority (DGS) portals and the Faculty of Pharmacy.
In the two quarters analysed, 41% of Killnet attacks were in the United States. However, Estonia, Latvia, and Lithuania – which suffered 33.9% of the attacks carried out by this group – and Poland stand out among the countries most targeted by NoName057(16).
In the period analysed, the two hacker groups focused on Poland, in particular, as it was the target of 123 attacks.
Asked what lies ahead for pro-Russian hacker groups, Castro said they will continue reacting to current affairs by observing Russia’s relations with third countries.
“This study, based on a detailed analysis of the daily phenomena we monitor from these groups, suggests that the targets will go beyond Ukraine. For example, KillNet claimed responsibility for large-scale Distributed Denial-of-Service (DDoS) attacks against major US airports in October 2022. These attacks did not affect flights but disrupted or delayed airport services,” he said.
“All these DDoS attacks cause reputational and financial damage, many of which are higher than we realise. The report we are presenting highlights the development of these groups’ capabilities, resources and disruptive power to attack states and contribute to the destabilisation of societies,” Castro added.
(José Sousa Dias | Lusa.pt)
Read more with EURACTIV
Sanchez’s leadership plummets over controversial amnesty law