With the turmoil in the region seemingly coming to an end, Russia has seen a number of attacks against it in recent days.
Last Friday, Finextra reported that the website of theBank of Russia was taken down, while Reutersreported that hackers knocked out the Russian presidency’s website several times.
Combine those attacks with reported attacks againstNATO, which according to CNet were down to the hacktivist group “Cyber Berkut”, who hit NATO’s website, NATO’s cyber defense center and the site for NATO’s Parliamentary Assembly.
NATO spokesperson Oana Lungescu confirmed that several NATO sites had been the target of a “significant” distributed-denial-of-service attack, but said the integrity of the systems was unaffected and experts were working to restore normal functionality.
On its Russian language website, Cyber Berkut boasted of a number of attacks and successful DDoS efforts, with some responsibility seemingly claimed for the NATO attacks. It said: “If NATO cannot protect their resources, the protection of personal data of ordinary Europeans cannot be considered.”
Considering the legitimacy of the group and the reliability of Google Translate, this group does seem to be associating itself with the Anonymous movement of hacktivists, using the “we are legion, we do not forgive, we do not forget” sign off on the website.
Another group, seemingly with the same intentions, also released data of the personal PC of the President of the Russian Industrial Investment Fund, according to Softpedia. The group, a semi-governmental investment company established by a decree of the president of Russia, apparently had data stolen which contain information on “critical Russian business operations and shadow banking” and amount to over 900MB including 1,400 documents, spreadsheets, image files, archives, PowerPoint presentations and videos.
Finally consider the emergence of the Snake virus,which infected users in the Ukraine and the region around the Crimea has not only hit the national news, but also the technology pages.
Softpedia reported that while no hacktivist groups appear to show support for Russia, at least not directly, one of the country’s intelligence agencies is suspected of developing a piece of malware that has been used in numerous cyber espionage operations.
So is this a case of the aggressor being hit by the renegade attackers? I asked Taia Global’s Jeffrey Carr that, and he told IT Security Guru that he felt that“Russia will remain a target for as long as it persists in trying to impede Ukraine’s move towards independence.”
He said that the Russian Industrial Investment Fundattack “was done by hackers (Russian as well as other nationalities) who support an independent Ukraine,” and said that they were also
responsible for an earlier breach that exposed documents from a Russian defence contractor.
With regard to the ties to Anonymous, Carr called this atextbook example of how Anonymous, with its anarchist framework, can be easily co-opted to support the political agenda of a nation state while appearing to be an opposition movement.
So the attacks do seem to be going back and forth, and avoiding use of the term “cyber war”, especially as one nation has proved such capability in the past, is this a case of power on the ground being reflected in digital power also?
Commenting, TK Keanini, CTO of Lancope, said that from the information released so far, this attack was politically based as the perpetrator “wants to be known”.
He said: “Compare this to other cyber criminals who don’t want to be known, hide in the shadows, and launch a DDoS for a diversion while they perform their objective of data theft. These political sites should rehearse this scenario because from here on out it should be common. Their incident response should include not just IT folks but the legal, PR, and all the other departments that help insure business continuity.”
The term cyber war will be bounded around for a while in relation to this story, and even though the battle over Crimea seems to be close to being resolved, some people with capabilities and intentions have long memories.