You can also listen to the article in audio version.
In the Czech Republic, the websites of the Ministry of the Interior, the National Office for Cyber and Information Security (NÚKIB) or Czech Railways have already become their target.
It also repeatedly targets other states that support Ukraine militarily or humanitarianly. And, for example, the US Department of Homeland Security has even ranked them among hacking groups that can threaten key state infrastructure institutions.
This is a group called Killnet. “We are ordinary Russian citizens and we will kick your ass,” the hackers wrote in a post on the social network Telegram.
Since the Russian invasion of Ukraine, Killnet has openly sided with Moscow. In the past, NATO member states sharply criticized the Telegram and in April published a list of several Czech institutions and companies to which they later targeted their attacks. In connection with this, they stated that “the Czechia is waiting for an apocalypse”.
Anonymous counterweight
Cyber Security Expert Karol Suchánek List The report said that Killnet is made up of so-called hacktivists, ie volunteers who want to achieve political and social change through hacking.
Probably the most famous hacktivist group on the planet is Anonymous, who clearly sided with Ukraine in the war. Killnet is supposed to be their counterpart.
According to available information, the group was formed at the beginning of this year and since its inception has presented itself as independent of the Russian regime.
She has repeatedly defended herself against the designation “pro-Kremlin”. “They present themselves on the Internet as Russian citizens, who have above all the good of Russia as such,” digital track expert David Havlík told Seznam Zprávy.
Photo: From the Killnet group’s account on the Telegram social network.
Killnet rejects the connection to the Kremlin.
There are several hacking groups from Russia, known as APT (Advanced Persistent Threat), which are supported or even organized by the Kremlin.
“I believe that the activity of this group is very close to the APT groups, which include the cybernetic units of the Russian intelligence service GRU,” Havlík continued, adding that evidence of Killnet’s connection to the regime of President Vladimir Putin is lacking.
Suchánek sees it similarly. “We certainly can’t rule out a connection to the Kremlin, but it’s almost impossible to prove it.”
Increase in attacks
The Czech Office for Cyber Security has previously stated that Killnet primarily wants to cause reputational damage. Karol Suchánek agrees with this. “From their point of view, they want to intervene with important state institutions and large corporations. Gain attention and harm, “he said.
According to NUKIB, there was an above-average number of hacker attacks in April, mainly due to Killnet. He was to account for more than a third of all incidents.
The attacks are also being dealt with by the National Center against Organized Crime (NCOZ). However, both institutions declined to provide more information about the group. Jaroslav Ibehej, a spokesman for the anti-mafia headquarters, only stated that the police are still investigating the hacker attacks.
The first wave of attacks on domestic institutions began on April 19, after the announcement that the Czechia would help Ukraine repair military equipment.
The situation was similar in other states that help Ukraine militarily or humanitarianly. The websites of French President Emanuel Macron were recently attacked, several Romanian state institutions and the UK hackers threatened to stop fans in hospitals.
Havlík claims that similar attacks are not in their power and that the Czech state would probably be able to defend itself against widespread damage to infrastructure. “I do not think they would be able to break down critical infrastructure as such, such as disconnecting a nuclear power plant. What we can really worry about is that these activist groups will try to disrupt the system through its weakest links, which are individual users and their devices, “he said.
Arsenal Killnetu
Killnet currently performs so-called DDoS attacks, during which the target server is overwhelmed and subsequently shut down. Although this type of attack will disable a website, it does not mean that attackers will gain access to sensitive data. “I’ve heard opinions that even retired people can handle it with good instructions,” Havlík commented on the low risk of this type of attack.
However, according to him, people pay little attention to their login details, which hackers can easily obtain in another way. “You don’t need more than passwords to steal any data. If people treat them the way they are now, that’s a problem. “
According to Havlík, the access of hackers to the facilities of a single irresponsible civil servant could have a fatal impact.
Suchánek also confirms the low vigilance of users, according to whom the risk of hacker attacks is often underestimated. “Users of the online world should definitely undergo safety training, at least basic, so that they can move safely in the online world,” he concluded.