Posted on May 16, 2022 at 12:11 PM
The Italian police have prevented a pro-Russian hacking group from disrupting the May 14 semifinal of the Eurovision Song Contest in Turin.
The police stated it mitigated several cyberattacks during contestants’ performance and voting operations. It noted that the hacking activities were carried out by the hacker group known as Killnet and its affiliate, Legion.
The Attack Is Connected To The Ukraine-Russian War
The Eurovision Song Contest was won by Ukraine’s Kalush Orchestra with their entry Stefania. It’s no doubt an extension of the ongoing war in Ukraine, as the pro-Russian hackers wanted to prevent the Ukrainian representatives from winning the contest.
Since the invasion of Ukraine by Russia on February 24, many Western governments have increased their alert levels when it comes to cybersecurity. Many were anticipating attacks on infrastructure and IT systems against Ukraine and other countries aligning and supporting them.
Last week, pro-Russian hackers launched attacks on several Italian organizations and government institutions including the Senate and the Defense Ministry.
Although the attacks did not compromise any infrastructure, they prevented access to several websites. Italian authorities stated that the pro-Russian threat group Killnet has claimed responsibility for the attacks.
The group has been very active, targeting critical organizations and institutions in rival countries, especially those openly supporting Ukraine in the ongoing war.
Last month, Killnet launched attacks on Romanian government websites, saying the attack was due to Romanian support for Ukraine in the crisis. Based on the activities of the Killnet group, they are more likely to continue their attack and compromise other organizations.
After Ukraine was declared the winner of the contest, UK Prime Minister Boris Johnson joined a chorus of tributes to the victory. He noted that apart from the recognition of the talents of the orchestra team, the victory also shows that Ukraine is receiving massive support in the ongoing war. “It is a clear reflection of not just your talent, but of the unwavering support for your fight for freedom,” the Prime Minister tweeted.
The Ukrainian folk-rap group came first in the event while Britain’s Sam Ryder was runner up. The organizers of the event ousted Russia from participating after the country invaded Ukraine on February 24. According to the organizers, the move was rightfully done to keep politics from contests that promote friendship and diversity among nations.
Microsoft Releases Report Of Some Undisclosed Russian Cyberattacks
In another development, Microsoft says its researchers discovered some previously undisclosed threat actions from Russian hackers. The report includes some attacks that date back to a year before Russia invaded Ukraine. Microsoft’s vice president for customer security and trust, Tom Burt, in a blog post, elaborated on the report.
He noted that the research indicates that Russia’s cyber attacks seem to be strongly linked and directly timed with the country’s military operations. The threat groups generally target services and institutions.
Apart from impacting heavily on the systems of institutions in Ukraine, the attack has also disrupted people’s access to vital life services and reliable information. One of the aims of the series of attacks is to shake the confidence the people have in the Ukrainian government.
Although the report didn’t mention a particular target, it noted that government institutions, as well as telecommunication companies, are the most targeted.
Microsoft’s report also includes a timeline of Russian cyber operations the company’s security researchers have observed. According to the report, what has now been termed a Pro-Russian attack started preparing for conflict as early as March last year.
However, Russia has always denied any allegations linking it with cyber threat actors. But based on the overwhelming evidence from different security researchers, the cyber attacks and threats from Russian-sponsored actors are real.
The Hackers Use A Wide Range Of Techniques
Microsoft has also confirmed that the threat actors are using different techniques, including exploiting unpatched vulnerabilities, phishing attacks, and compromising IT service providers to gain unauthorized access to their systems. In several cases, the attackers gain footholds on the compromised system to enable them to strike later in the future. And in some cases, the goal is to gain battlefield and strategic intelligence to help Russia in the ongoing war.
Burt noted that Microsoft decided to share the information from its researchers to enable the public and other policymakers to prepare effectively for any attacks on their organizations. It will also enable the security community to know what to expect as the cyberwar between Ukraine and Russia goes on.