Killnet hacktivists and their latest targets
Killnet are pro-kremlin Russian hacktivists with approximately 90,000 telegram subscribers. They have been making headlines recently for targeting the British royal family, causing disruption to the Prince of Wales’s website, and claiming to do the same to several other large organisations. The hackers have also threatened government services and medical institutions in the UK, citing the country’s support of Ukraine as the driver for their ‘revenge’. Should we be worried, and how can businesses make sure they are protected from attacks by Killnet and other hacktivist groups like them?
The story so far
The Killnet hacktivist group started off as a Hack for Hire, selling their DDoS (distributed denial-of-service) tool. However, once the war with Ukraine started, they changed their stance to be Pro-Russian Cyber Patriots, focusing their attacks on those who support Ukraine. Although they state they have no affiliation with the Russian government, they have a more emotional reaction than traditional cyber criminals, retaliating against those who they feel have wronged Russia. This has been mostly European countries – Latvia, Lithuania, Norway and Italy to name a few. They have also attacked the U.S. and the Eurovision song contest while Ukraine was performing.
While the expected and feared ‘cyberwarfare’ following the invasion of Ukraine has gone relatively unseen, these latest threats from Killnet suggest we should still be on guard and prepared for attacks from this Russian-backed hacking group’s latest target.
The solution
It is not solely medical institutions and government services that should be bolstering their security posture. The supply chain of any large organisation will also be seriously vulnerable, as cybercriminals will look to exploit smaller businesses to penetrate their partners. Supply chain risk continues to be a huge issue in cybersecurity. It’s crucial that enterprises interrogate the security posture of their current and future partners and ensure they have agreed liability in the case of a successful data breach.
Fortunately, cyber professionals have deemed that Killnet are more of a nuisance than a threat, with their attacks being easy to recover from or avoid. They have loud, flashy publicity stunts which have not gone unnoticed by the media, such as defacing public websites with pro-Russian messages. However, this doesn’t mean they should be underestimated; protection should remain a priority.
Killnet focuses a lot on denial of service (DDoS) and brute force attacks, which a correctly configured Security Operations Centre (SOC) should be able to block. However, many enterprises do not have the in-house resource for a fully-fledged SOC. Therefore, working with cybersecurity experts providing outsourced SOC services will be crucial – especially as organisations will benefit here from the aggregate value of varied threat intelligence from across the cyber landscape.
Find out how DigitalXRAID can support your Security Operations Centre (SOC) service needs. Get in contact for more information or guidance.