At a glance.
- DDoS hits Finland's parliament.
- Currency.com sustains Russian DDoS attack.
- Killnet promises to inflict casualties.
- Cybercriminals target Russia and Belarus.
- Patch notes.
- ICS security advisories.
- Risks of failure to patch.
Finland's parliament comes under cyberattack.
The website of Finland's parliament was unavailable yesterday as it came under a distributed denial-of-service (DDoS) attack. The attack is under investigation, but is believed to originate from Russia. Finnish news outlet Yle reports that the website was inaccessible between 2:30 PM and 10:00 PM local time. The threat actor behind the incident is believed, on the basis of claims in a hacktivist group's Telegram channel, to be a Russian group calling itself NoName057(16), and the motive is to harass Finland's government for its decision to seek NATO membership. "We decided to make a 'friendly' visit to neighbouring Finland, whose authorities are so eager to join Nato," the group said.
Cyberattacks against a UK firm that's criticized Russia's war.
The Telegraph reports that Britain's National Cyber Security Center (NCSC) and Scotland Yard are investigating a series of denial-of-service (DDoS) attacks the alt-currency firm Currency.com has sustained since its founder criticized Russia's war at the end of February. Victor Prokopenya, the company's founder, said: “The cyber attack has been going on almost on a daily basis every day for the last three months. It’s like someone repeatedly trying to break down your front door.” He said his security team is convinced that the attack is Russian in origin. The NCSC believes that the operators behind the DDoS are privateers as opposed to Russian government organizations.
Killnet says its cyber operations will soon turn (literally) lethal.
Killmilk, the nom-de-hack used by the person or persons who claim to be the founder (or founders) of the nominally hacktivist group Killnet, has upped the ante on earlier promises to punish "the West" for its support of Ukraine, and especially for its provision of HIMARS rocket artillery. "In Russia, I will become a hero, and abroad, a criminal," Newsweek quotes Killmilk as saying in an interview posted to Gazeta.ru. He added, "Soon, I and Killnet will launch powerful attacks on European and American enterprises, which will indirectly lead to casualties. I will do my best to make these regions and countries answer for each of our soldiers."
Killnet had announced, last week, that it was undertaking a radically new form of cyberattack against targets it regarded as particularly objectionable, notably Lockheed Martin, which produces HIMARS, and against some unspecified system or subsystem of HIMARS itself. But so far nothing has materialized.
It's notable, perhaps, to see the repeated Russian theme, "we're not threatening nuclear war, but we're threatening nuclear war" surface in Killmilk's remarks. "We are crazy guys, but we see the boundaries and are not going to cross them," Killmilk said. "I don't think that because of several dozen human casualties, nuclear missiles will fly in the face of Lockheed Martin employees." That is, nice company you got here; shame if something happened to it.