Pro-Russian 'Hacktivists' Temporarily Disrupted Some US State Government Web Sites (cnn.com) 20
"Russian-speaking hackers on Wednesday claimed responsibility for knocking offline state government websites in Colorado, Kentucky and Mississippi, among other states," reports CNN, calling it "the latest example of apparent politically motivated hacking following Russia's invasion of Ukraine.... The websites in Colorado, Kentucky and Mississippi were sporadically available Wednesday morning and afternoon as administrators appeared to try to bring them online."
The Kentucky Board of Elections' website, which posts information on how to register to vote, was also temporarily offline on Wednesday, but it was not immediately clear what caused that outage. The board of elections' website is also managed by the Kentucky government, though the hackers did not specifically list the board as a target.... Websites like that of the Kentucky Board of Elections are not directly involved in the casting or counting of votes, but they can provide useful information for voters....
The hacking group claiming responsibility for Wednesday's website outage is known as Killnet and stepped up their activity after Russia's February invasion of Ukraine to target organizations in NATO countries. They are a loose band of so-called "hacktivists" — politically motivated hackers who support the Kremlin but whose ties to that government are unknown. The group also claimed responsibility for briefly downing a US Congress website in July, and for cyberattacks on organizations in Lithuania after the Baltic country blocked the shipment of some goods to the Russian enclave of Kaliningrad in June....
Officials at the FBI and CISA reiterated this week that any efforts by hackers to breach election infrastructure are "unlikely to result in largescale disruptions or prevent voting."
Government Technology supplies some context: Amsterdam-based threat intelligence technology and services provider EclecticIQ's Threat Research team said in a blog post that Killnet appears to only have the capacity to launch DDoS attacks with short-term impact, and falls short of dealing lasting damage to victims' network infrastructure. "Analysts believe that Killnet supporters are novice users with zero or limited experience with DDoS attacks, based on an analysis of Telegram messaging data and open-source reporting," EclecticIQ wrote.
CNN described Killnet's typical attacks as "crude hacks that temporarily knock websites offline but don't do further damage to infrastructure.
"Killnet thrives off of public attention and bravado, and cybersecurity experts have to strike a balance between being mindful of Killnet's online antics and not hyping a low-level threat."
The hacking group claiming responsibility for Wednesday's website outage is known as Killnet and stepped up their activity after Russia's February invasion of Ukraine to target organizations in NATO countries. They are a loose band of so-called "hacktivists" — politically motivated hackers who support the Kremlin but whose ties to that government are unknown. The group also claimed responsibility for briefly downing a US Congress website in July, and for cyberattacks on organizations in Lithuania after the Baltic country blocked the shipment of some goods to the Russian enclave of Kaliningrad in June....
Officials at the FBI and CISA reiterated this week that any efforts by hackers to breach election infrastructure are "unlikely to result in largescale disruptions or prevent voting."
Government Technology supplies some context: Amsterdam-based threat intelligence technology and services provider EclecticIQ's Threat Research team said in a blog post that Killnet appears to only have the capacity to launch DDoS attacks with short-term impact, and falls short of dealing lasting damage to victims' network infrastructure. "Analysts believe that Killnet supporters are novice users with zero or limited experience with DDoS attacks, based on an analysis of Telegram messaging data and open-source reporting," EclecticIQ wrote.
CNN described Killnet's typical attacks as "crude hacks that temporarily knock websites offline but don't do further damage to infrastructure.
"Killnet thrives off of public attention and bravado, and cybersecurity experts have to strike a balance between being mindful of Killnet's online antics and not hyping a low-level threat."
Re:Just like the good old days... (Score:5, Informative)
Why target a website in Kentucky? Because it was one of the high-profile ones they found that were vulnerable.
Sometimes it's prudent to remember that "The Russians", used in certain contexts, can mean 144 million people with their own set of distinct viewpoints.
Re: (Score:3, Interesting)
This is DEFINITELY state-sponsored. No question. Typical Russian psy-ops, working to undermine confidence in democratic systems. Last century, the left fringe of the democrats were fairly seriously in love with socialism, and the Russians exploited that by supporting left-wing extremists. Nowadays, the Democrats are.. well.. mostly (not entirely) all-in o
Re: (Score:1, Troll)
Re: (Score:3)
Re: (Score:2, Informative)
There is evidence of connection, there is no evidence for your claim of disconnection.
In short, no he's not. And neither are you. In fact, what you're doing is gaslighting.
Re: (Score:2)
If that's not enough for you, I'm not going to waste my time trying to disprove some nascent conspiracy theory that will just keep shapeshifting anyways. I'll be convinced if I read in the news that you've proven it in court.
Re: (Score:2)
It's not that this isn't useful for propagandist purposes. It's that implying that it's state sanctioned rather than just a bunch of hacktivists as claimed.
Had no one come forward and claimed responsibility, I'd be more persuaded by the 4D chess argument. Rather, I think this is some idiot kid Russians taking shots at US Govt websites because they can.
Re: (Score:3, Informative)
...when anything bad is immediately blamed on 'The Russians'.
Think about motive. Why would Russians hack a website in Kentucky? It makes no sense.
Why not? It's local to the people so more are inconvenienced.
Either that, or 'ol Mitch wasn't doing his part to protect Russians [dailykos.com] from being indicted [cnn.com] and sanctioned.
Re: Just like the good old days... (Score:1)
Then lets pick a previous argument....why would Canadians posing as russian hacktivests go to a government web site in kentucky? Because it has happened before....
Re: (Score:2)
I agree with you that attribution is important and sometimes faked, but according to the article the group claimed responsibility.
Obviously not a hacker (Score:1)
When you want revenge you take inventory of your adversary and attack weak points. Some random government website in Kentucky is a great place to put up a message and probably not that useful for spying or pivoting so that’s where you do your low effort website defacements.
Also we always blame Russia because they're very lenient when it comes to attacks outside their borders originating from inside. So they do a lot to be blamed for.
All the blackmail and still no action? (Score:3)
I don't know if anything of value was taken from the websites, but it still bothers me that at all levels of government, we don't take hacking and blackmail seriously.
It's real, it happens all the time, and various mitigation strategies exist. Why aren't they a priority?
Re: (Score:1)
Cybersecurity Experts (Score:1)
> Killnet thrives off of public attention and bravado, and cybersecurity experts have to strike a balance between being mindful of Killnet's online antics and not hyping a low-level threat."
Cybersecurity experts are trying to strike a balance between getting their names out in the mainstream press and embarrassing themselves publicly by hyping a bunch of skids.
Quid pro quo (Score:2)
Someone blew up their bridge, so they hacked one of ours... let's call it even, ok?
Russian passport (Score:1)