Russian hacktivists vow mass attacks against EU elections
But do they get to wear 'I DDoSed' stickers?
A Russian hacktivist crew has threatened to attack European internet infrastructure as four days of EU elections begin on Thursday.
The NoName57(16) crew, which is one of the pro-Russia hacktivist gangs that sprung up shortly after the invasion of Ukraine, said seven other groups (plus "more teams that wish to remain anonymous") plan to participate in the plan to punish the EU for opposing the illegal invasion of Ukraine.
The digital assault, according to a post shared by Daily Dark Web, would be in retaliation for European Parliament-issued sanctions along with "Russophobia and double-standards of European authorities." They claim that the EU has ignored an alleged genocide in the Ukrainian region of Donbas – territory which is now under heavy attack from Russia.
And while the groups don't specify what they have planned, we'd assume any cyber attacks – if they materialize at all – will include the usual distributed denial of service (DDoS) disruption, which is the preferred menace from NoName and its fellow hacktivist crews like KillNet, Anonymous Russia, and the People's Cyber Army.
While NoName's earlier network-traffic-flooding attacks targeted Ukrainian websites, including media outlets, the gang has also claimed responsibility for DDoS attacks against European sites – usually in response to those governments' support of Ukraine.
More recently, some of these pro-Russia crews have turned their attention to attacking drinking water and other critical systems, prompting an alert from government agencies in the US, UK and Canada. In a May notice [PDF], the authorities warned of "pro-Russia hacktivists targeting and compromising small-scale OT systems in North American and European water and wastewater systems, dams, energy, food and agriculture sectors."
Mandiant's threat hunters have also linked some of the hacktivist collectives to the Russian military Sandworm gang.
- Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks
- Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers
- Kremlin's Sandworm blamed for cyberattacks on US, European water utilities
- FBI: Russian hacktivists achieve only 'limited' DDoS success
The European Parliament did not immediately respond to The Register's inquiries about NoName's threats.
Prior to polls closing in The Netherlands on June 6, however, Dutch political parties were reporting DDoS attacks. HackNet – one of the crews listed in NoName's cyber attack announcement – claimed responsibility for clogging the election contenders' sites with spammy network traffic.
When asked about the cyber attack announcement, Mandiant chief analyst John Hultquist cautioned against people overstating these attacks and aiding nation-state actors like Russia and Iran in their larger goals behind being a digital nuisance.
"We should certainly prepare, but it's important that we don't do these actors' jobs for them," Hultquist told The Register. "Their goal here is to create an impact beyond what is possible with cyber attack. They want to raise doubts in the security of the election with threats and superficial attacks, but their ability to truly undermine our security remains limited." ®