Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

DDoS Attacks Hit NATO, Ukrainian Media Outlets

As pro-Russia hackers continue DDoS campaigns, Anonymous-branded propaganda reports "imminent US invasion of the Ukraine."

9 Notorious Hackers Of 2013
9 Notorious Hackers Of 2013
(Click image for larger view and for slideshow.)

Multiple NATO and Ukrainian media websites were hit with distributed denial-of-service (DDoS) attacks over the weekend by a pro-Russia group calling itself Cyber Berkut (KiberBerkut). "DDoS attack on some #NATO sites ongoing but most services restored," NATO spokeswoman Oana Lungescu tweeted Sunday. "Integrity of NATO data & systems not affected. We continue working on it."

The DDoS attacks against NATO were launched after secretary general Anders Fogh Rasmussen -- a former prime minister of Denmark -- said Friday that NATO would not recognize the results of the planned "so-called referendum in Ukraine's Autonomous Republic of Crimea," on the grounds that it violated both the Ukrainian constitution and international law. "Holding this referendum would undermine international efforts to find a peaceful and political solution to the crisis in Ukraine," he said. "It would run counter to the principles of the United Nations Charter. It is vital that those principles be upheld."

But according to Cyber Berkut, the attacks were launched Saturday in response to a small delegation of NATO officials arriving in the Ukrainian capital of Kiev earlier this month. Cyber Berkut decried "the NATO occupation of our homeland" and also appeared to threaten citizens of NATO member countries. "If NATO cannot protect their resources, the protection of personal data of ordinary Europeans cannot be considered," the group said Sunday in a post to Pastebin.

[British cyber agents target hackers' chat rooms. Read British Spies Hit Anonymous With DDoS Attacks.]

In recent weeks, the group has also launched DDoS attacks against media sites that it's accused of purveying "fascist and nationalist propaganda," which apparently means that not sufficiently pro-Russia. On Sunday, there were attacks against five general-interest Ukrainian media sites. Earlier this month, it also claimed to have blocked 700 mobile phones used by a Ukrainian neo-fascist junta.

Fascists are the straw men in a campaign being waged either by Ukrainians who want their country to become part of Russia, or by the Kremlin itself. Furthermore, related propaganda extends far beyond just one supposed hacktivist outfit.

"Cyber Berkut (@cyberberkut1) is not the only pro-Russia 'hacktivist' group working against Ukrainian independence," said Jeffrey Carr, CEO of Taia Global, in a blog post. "Anonymous Ukraine (@FreeUkraineAnon on Twitter) is another. In fact, they attacked the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE) website back on November 7, 2013, as well as Estonia's Ministry of Defense website [where the CCDCOE is headquartered]."

But is Anonymous Ukraine composed of what might be described as regular members of the hacktivist collective, or has the hacktivist brand name simply been co-opted?

Last week, the state-backed Voice of Russia reported that Anonymous Ukraine had uncovered evidence that the US planned to invade the Ukraine. The report said that beginning this past Saturday, "[T]he United States, through its agents in Ukraine, will begin a series of false flag attacks on targets in Ukraine which have been designed to make it look as if they were carried out by the Special Forces of the Russian Federation."

The outlet also claimed that Anonymous Ukraine -- as part of Operation Independence -- had released a series of emails from the US Army assistant attaché Jason P. Gresh to a senior official of the General Staff of the Ukrainian Army named Igor Protsuyuk. In them, Gresh tells Protsuyuk, "Your job is to cause some problems to the transport hubs in the south-east in order to frame-up the neighbor. It will create favorable conditions for Pentagon and the Company to act. Do not waste time, my friend."

Carr ridiculed the supposed smoking gun. "I mean -- really? 'It will create favorable conditions for Pentagon' sounds remarkably like 'We don't need computer weapon to kill moose and squirrel,'" he said, referencing the cinematic masterpiece, The Adventures of Rocky and Bullwinkle. Finding this was really the highlight of my night. I'm still laughing," he said.

What about the supposed involvement of Anonymous? "This is a textbook example of how Anonymous with its anarchist framework, We are all Anonymous, can be easily co-opted to support the political agenda of a nation state while appearing to be an opposition movement," said Carr.

That agenda appears to be a push by some parties to make at least Crimea a part of Russia. On that front, furthermore, the Sunday referendum decried by NATO went ahead. Mikhail Malishev, head of the government commission that oversaw the referendum, reported Monday that 97% of the votes that were cast -- with a turnout of 83% -- were for Crimea to become part of Russia. That said, according to some reports, many members of the region's large Muslim Tatar minority abstained from voting.

In response to the vote results, NATO said Monday that it still regards the referendum to be illegal and illegitimate, and that no members of the alliance will recognize the results. It also criticized "the rushed nature of the poll under conditions of military intervention and the restrictions on -- and the manipulation of -- the media, which precluded any possibility of free debate and deliberation and deprived the vote of any credibility."

Pen testing helps companies become more secure by finding and analyzing their insecurities, but pen test services can be fraught with their own kind of risk. In this Dark Reading report, we recommend what to look for in a provider and its wares, how to get what you pay for, and how to ensure that pen testing itself doesn't open the company or its employees up to new risk. Read our Choosing, Managing And Evaluating A Penetration Testing Service report today. (Free registration required.)

Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
rjones2818
50%
50%
rjones2818,
User Rank: Strategist
3/18/2014 | 10:20:25 AM
Re: Who knew?
Matthew,


Stick to reporting the facts.  Your political analysis smacks of propaganda of the lowest kind.
Mathew
50%
50%
Mathew,
User Rank: Apprentice
3/18/2014 | 6:08:00 AM
Re: Who knew?
And today scientists announce finding gravity waves from the Big Bang. Truly, something is afoot with the universe.
BobR960
100%
0%
BobR960,
User Rank: Apprentice
3/17/2014 | 5:25:02 PM
Who knew?
Wow! Who could have possibly seen this coming??? Hmmmm.. 

http://www.newsmax.com/Newsfront/sarah-palin-predicted-ukraine-russia/2014/03/02/id/555549/
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
Google Lets iPhone Users Turn Device into Security Key
Kelly Sheridan, Staff Editor, Dark Reading,  1/15/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5647
PUBLISHED: 2020-01-22
The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser sessions active after recording a macro, even after a restart of the Chrome browser. This behavior could make future session hijacking attempts easier, since the user could believe a session was closed when it was not. This issue af...
CVE-2011-3612
PUBLISHED: 2020-01-22
Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12.
CVE-2011-3613
PUBLISHED: 2020-01-22
An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled.
CVE-2011-3614
PUBLISHED: 2020-01-22
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9.
CVE-2011-3621
PUBLISHED: 2020-01-22
A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled.