Pro-Russia Killnet Group Takes Down the European Parliament Website
Considering the EP website went under for just around four hours, it is hard to put the finger on what exactly constituted “sophisticated” in the DDoS attack.
The European Parliament was hit by a distributed denial of service (DDoS) attack. On Wednesday, president Roberta Metsola confirmed that the European Parliament website was under a “sophisticated” cyberattack, the responsibility for which was claimed by the pro-Russia Killnet group.
The European Parliament website was taken down following a cyberattack by the Killnet group, according to vice president Eva Kaili who spoke with Politico. The DDoS attack, confirmed by Killnet on its Telegram channel, comes on the heels of the European Parliament (EP) overwhelmingly calling for greater isolation of Russia and declaring Russia a state sponsor of terrorism.
Considering the EP website went under for just around four hours (the time between Metsola’s confirmation and EP spokesperson Jaume Duch’s tweet about the restoration of services), it is hard to put the finger on what exactly constituted “sophisticated” in the DDoS attack.
Xavier Bellekens, CEO of Lupovis, told Spiceworks News and Insights, “Fortunately, it looks like the EU parliament has been able to defend the availability of its services, but it does show there is no smoke without fire.”
Nevertheless, Killnet’s pattern indicates it has sidestepped its commercial motivations to fulfill its sense of obligation to Russia to retaliate against any action that may be considered anti-Russian. The group has openly declared allegiance to Russia in its military campaign against Ukraine and, by extension, the economic and geopolitical campaign against the western world.
“When organizations or governments ally themselves with Ukraine, or when they oppose Russia’s invasion, we often see them suffer a tsunami of attacks in retaliation. These are not just from nation-state actors, but hacktivists and patriotic hackers as well,” Bellekens added.
For instance, it recently targeted websites of the British Army, Bankers Automated Clearing Service (BACS), the London Stock Exchange, and Prince of Wales’s website “due to the supply of high-precision missiles to Ukraine” and the U.K. government’s support to Ukraine.
See More: How CLDAP Reflectors Enable DDoS Attacks & Ways to Reduce Your Exposure
The group has previously targeted defense and aerospace company, Lockheed Martin, as retribution for its supply of the M142 High Mobility Artillery Rocket System (HIMARS) rocket artillery launcher and tactical ballistic missile system to Ukraine and later took down nearly two dozen U.S. airport sites, among others.
Killnet’s latest DDoS excursion comes after the following statement was issued by the European Parliament: “Parliament calls on the European Union to further isolate Russia internationally, including when it comes to Russia’s membership of international organisations and bodies such as the United Nations Security Council. MEPs also want diplomatic ties with Russia to be reduced, EU contacts with official Russian representatives to be kept to the absolute minimum and Russian state-affiliated institutions in the EU spreading propaganda around the world to be closed and banned.”
Notwithstanding Killnet’s politically-motivated cyberattacks, the group isn’t known to be a state-sponsored entity by any cybersecurity or government organization.
Officially, the Russian response to EP’s declaration, coming from the country’s foreign ministry spokeswoman Maria Zakharova, was, “I propose designating the European Parliament as a sponsor of idiocy.”
The group treats the U.S., Estonia, Germany, Poland, Romania, Latvia, Lithuania, Italy, and any NATO-allied country as an adversary. Killnet was one of the eight cybercriminal entities that a Cybersecurity and Infrastructure Security Agency (CISA) advisory, dated April 2022, warned organizations against.
Let us know if you enjoyed reading this news on LinkedIn, Twitter, or Facebook. We would love to hear from you!
Image source: Shutterstock
MORE ON CYBERATTACKS
