Portuguese company VisionWare detected 961 cyberattacks carried out by pro-Russian hackers against countries and organizations in Western Europe between October 2022 and March 2023, according to an official report sent to LosaEuractiv partner, Thursday (September 21).
The report is entitled “Action of pro-Russian cybercriminal groups against NATO member states”Focus on Cybercrime activities It was carried out by hacking groups KillNet and “NoName057 (16)” and verified by Portuguese company VisionWare.
to treat LosaBruno Castro, founder and CEO of VisionWare, admitted that there was no evidence that the pro-Russian hack was state-sponsored and that the Kremlin was likely involved. “Unclear”.
“There is no basis to conclude that these groups are affiliated with the Kremlin (or the GRU, the Central Intelligence Service, or the FSB, the Federal Security Service of the Russian Federation). However, we see a very well-coordinated offensive strategy, consistent with the interests of the Russian government.”confirmed.
The center produces geopolitical reports related to the studied threats, monitors the actors at risk, notifies in real time of any corporate data breach, and produces analytical and study reports on the main threats and the main actors, distributed over time and by risk sector.
According to the report, a total of 8,347 messages on Telegram were analyzed: 6,805 related to Killnet and 1,542 related to NoName057 (16).
During the period analysed, the groups mainly targeted their associated sectors “Government, Banking and Defence”A total of 371 attacks. January 2023 saw the highest frequency of attacks, with 333 attacks, or approximately 35% of the total.
Portugal was the victim of two KillNet attacks, affecting the portals of the National Health Authority (DGS) and the Faculty of Pharmacy.
During the two quarters analyzed, 41% of killnet attacks occurred in the United States. However, Estonia, Latvia and Lithuania, which suffered 33.9% of attacks carried out by this group, as well as Poland, stand out among the countries most targeted by NoName057 (16).
During the period analyzed, both hacker groups focused on Poland, in particular, which was the target of 123 attacks.
In response to a question about the future of pro-Russian hacking groups, Castro said they will continue to respond to current events by monitoring Russia’s relations with third countries.
“This study, based on a detailed analysis of the daily phenomena we observe from these groups, suggests that the targets will extend beyond Ukraine. For example, KillNet claimed responsibility for large-scale distributed denial-of-service (DDoS) attacks against major US airports in October 2022. It did not affect These attacks on flights, however, disrupted or delayed airport services.-Did you announce?
“All of these denial-of-service attacks cause financial and/or reputational damage, which is often greater than we realize. Our report highlights the evolving capabilities, resources, and disruptive power of these groups to attack nations and contribute to the destabilization of societies.”Mr. Castro added.