On April 10th, the North Atlantic Treaty Organization (NATO) experienced a significant cyber attack resulting in the temporary paralysis of 40% of the alliance’s electronic infrastructure for several hours. The attack impacted a considerable portion of NATO’s digital systems, causing a disruption in their operations.
As per a report on securityboulevard.com, several entities including KillNet, Cyber Berkut, and Black Kite are suspected to have been involved in a series of cyber attacks. The primary targets of these attacks were websites associated with defense orders, security operations, and logistical support for NATO, along with databases and resources crucial for the smooth functioning of NATO’s regular operations. The severity and impact of these attacks are yet to be fully ascertained.
As per cybersecurity experts, a distributed denial-of-service (DDoS) attack has been launched on multiple targets, rendering access to work accounts and redirection to other websites impossible for users. The targets impacted include the War Development Command, NATO’s Procurement and Support Agency, and Cyber Training Centers, with the NATO Communications and Information Service (NCI) also affected. The hackers potentially gained access to personal information of employees, including portals meant for officials to make critical political decisions.
The attack is believed to have seriously impacted NATO’s security system, necessitating significant effort to restore the functionality of the affected facilities and carry out verification and identification of the entities involved, in addition to bolstering preventive measures against similar attacks.
Before Finland was admitted as the 31st member of the NATO bloc on April 4, a group called Black Kite issued a notice referencing Killnet, which read: “Glory to Russia, leave it here. Killnet’s ultimate attack.” The group also made the statement: “Maybe we’ll all be jailed after this, but know one thing, brothers and sisters: I’m Russian, my people are Russian – we support you, we support you Russia!”
In another post on his personal blog, a user by the name of Dikbiyik noted that Killnet has a reputation for launching attacks on critical infrastructure, healthcare institutions, airports, and public institutions. Dikbiyik also stated on Medium that: “There is a high probability that similar targets will be affected by the upcoming KillNet campaign,” and that “They claim to be targeting the healthcare industry in Western countries, including the US.”
A spokesperson for NATO confirmed that the cyberattacks had caused DDoS issues, but reassured the public that no data had been compromised in the incident.
