28 February 2022

KNOCKED OUT! MISSION ACCOMPLISHED: Attacks in The Cyber Domain | Forbes Breaking News

WHOA! Hacktivists join fighting on the ground...More cyber attacks over the weekend

Editors' Pick|

Moscow Exchange, Sberbank Websites Knocked Offline—Was Ukraine’s Cyber Army Responsible?

Thomas Brewster

 
Associate editor at Forbes, covering cybercrime, privacy, security and surveillance

 

"While its claims couldn’t be verified, the Ukraine IT Army, a crowdsourced community of hackers endorsed by Kyiv officials, called on members to launch attacks on the website, Moex[.]com, early on Monday. On Telegram, the IT Army claimed it took only five minutes to knock the site down. Mykhailo Fedorov, Ukraine’s deputy prime minister who announced the formation of the Army, celebrated on Facebook: “The mission has been accomplished! Thank you!”

The central bank of Russia initially delayed and then confirmed the Moscow Exchange would remain closed today as the impact of global sanctions led to the ruble dropping to a record low against the dollar. The London-listed shares of Sberbank plunged 70% amid a major sell of Russian stocks like Lukoil that trade on the London Stock Exchange.  

“We can confirm the Moscow Exchange website is down, but we don't have visibility into the incident’s root cause or the extent of the disruption,” a spokesperson for NetBlocks, which tracks internet connectivity across the world, told Forbes. Moex hadn’t responded to a request for comment at the time of publication.

This morning, the IT Army, announced by deputy prime minister Fedorov this weekend, also attempted to organize an attack on the website of Russia’s largest lender, Sberbank. Fedorov also claimed on Facebook that “Sberbank fell!” In the middle of the afternoon Moscow time, the site was inaccessible, as confirmed by NetBlocks.

The website outages land amid a range of attacks being launched alongside the fighting on the ground, where hacktivists have joined the fray in support of both Ukraine and Russia.

Many are distributed denial of service (DDoS) attacks, where website servers are flooded with traffic to the point they’re unusable. Various Ukrainian bank and government websites were knocked offline earlier this month, following attacks that were later attributed by Ukrainian, U.S. and U.K. officials to Russia. Computer wiping malware was also seen to spread across Ukrainian financial, defense, aviation and IT services organizations.

Ukraine and is supporters, via official and unofficial groups, have responded by launching DDoS attacks on numerous government targets. RT, the Russian-state funded TV station under scrutiny for its ties to the Kremlin propaganda machine, complained of being targeted by hacktivist collective Anonymous while the website of state news agency Tass was also offline.

The wave of cyberattacks appears to be going in the opposite direction than it was earlier this month, with most attack traffic targeting Moscow. Cloudflare, a company that protects and tracks internet traffic, said it had seen a “marked increase” in DDoS attacks originating in Ukraine. “There was a large increase in bot traffic in Ukraine also. These two things may be related,” a spokesperson said, noting that “cyberattacks remain relatively quiet on .ua [Ukraine] domains.”

There were other reports of cyberattacks over the weekend. The official Kremlin website went down, and Belarus was drawn into the conflict on the ground and in the cyber domain.

> On Sunday, a group called the Belarusian Cyber-Partisans announced it had targeted the Belarusian railway in support of Ukraine and in protest at the involvement of Belarus in Russia’s invasion. The group claimed railroads in Minsk and Orsha had been paralyzed. Forbes could not verify their claims, though Bloomberg reported an ex-Belarusian railway employee claiming that there were some outages of certain systems."

No comments: