Russian Hacktivists Aspire to Attack Critical Infrastructure
UK NCSC Calls on Critical Infrastructure Entities to Strengthen DefensesBritain's National Cyber Security Center said Russian hacktivists have ambitions of becoming a larger threat to Western critical infrastructure by advancing their attacks past distributed denial of service and disinformation.
See Also: ON-DEMAND WEBINAR: Secure Your Applications: Learn How to Prevent AI-Generated Code Risks
Russian hacktivist groups loyal to the Kremlin have launched DDoS attacks against targets including airport and hospital websites. KillNet, one of the higher-profile pro-Russian nuisance hacking groups, temporarily knocked off the European Parliament websites in November hours after the legislative body declared Russia a terrorist state following Moscow's initiation of a war of conquest against Ukraine (see: Russian KillNet Shuts Down EU Parliament Website With DDoS).
U.K. Cabinet Office Secretary of State Oliver Dowden described the groups as Wagner Group-like "fringe" hackers whose primary motive is to destroy and disrupt. Dowden spoke Wednesday in Belfast at an annual conference held by the NCSC. The Wagner Group is a Russian paramilitary organization that swept into full public view last year after it began recruiting new contractors from prisons to be deployed to the Ukrainian front.
In a warning, the NCSC said some Russian hacktivist groups "have stated a desire to achieve a more destructive impact against Western infrastructure." Dowden said, "Disclosing this threat is not something we do lightly, but we believe it is necessary."
The British government is encouraging British critical infrastructure entities to shore up defenses before the hacktivist groups are able to improve their attack capabilities.
Researchers from Mandiant earlier this year assessed with "moderate confidence" that a handful of Russian hacktivist groups - XakNet Team, Infoccentr and CyberArmyofRussia_Reborn - coordinate operations with the Russian government hacker group known as Fancy Bear. There is no direct evidence that the pro-Kremlin DDoS group KillNet has links to Russian intelligence, Mandiant said.