Russian Hacking Group Killnet attacks NATO disrupting Turkey Earthquake relief
The Killnet group of Russian hackers disrupted communication between NATO and military aircraft providing aid to earthquake victims in the Turkish-Syrian region, that has claimed the lives of over 40,000 people.
A NATO official confirmed that the alliance was targeted in a cyberattack, with the group claiming responsibility for the distributed denial of service (DDoS) attack through one of their Telegram channels. Although NATO's Special Operations Headquarters website in Belgium was downed briefly, it was soon restored. The attack also affected other organisations, including the Strategic Airlift Capability, a multi-national organisation that depends on NATO for military and humanitarian airlifts.
A NATO official confirmed the attack, stating that NATO cyber experts are actively addressing the incident that has impacted some NATO websites. The official emphasized that NATO takes cyber security very seriously and regularly deals with cyber incidents. Meanwhile, western security agencies have classified Killnet as a group of pro-Kremlin activists who carry out DDoS attacks to disrupt military and government websites of nations that support Ukraine.
Largest DDoS Attacks ever recorded thwarted
DDoS-mitigation vendor Cloudflare, reported that its customers suffered from a wave of volumetric attacks, including the largest such attack on record. The majority of attacks peaked at 50-70 million requests per second, with the largest exceeding 71 million rps.
The attacks originated from over 30,000 IP addresses, and some of the affected websites included a popular gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms. The audacity of attackers has been increasing, with ransom DDoS attacks steadily increasing throughout the year. DDoS-for-hire services make it easy for threat actors to launch attacks.
There is an increasing tendency for DDoS attackers to use cloud providers as the source of their network traffic, rather than the more common tools of IoT devices and home gateways, which are often rolled into botnets by attackers.
Swedish Television Station knocked off air and Scandinavian airlines hit by cyber attacks
On Tuesday, Sweden's national public television broadcaster, SVT, temporarily went down due to a cyber-attack. The attack was claimed by a group called "Anonymous Sudan" on their Telegram channel, stating it was in response to Koran burnings in Sweden, and that Swedish media would be targeted.
On the same day, Scandinavian airline SAS experienced a cyber-attack which temporarily paralyzed its website and leaked customer information from its app. Although SAS urged customers to avoid using its app, it later confirmed that the issue had been resolved. Unfortunately, these incidents are not isolated and serve as a reminder of the constant threat to cyber security in the airline and airport industry. For instance, Go First airline's Twitter account was breached last year, and TAP Air Portugal had to respond to a data breach in which sensitive personal information of some passengers was exposed on the dark web. Furthermore, several major US airports encountered a series of cyber-attacks in October.
