2 min Security

Google uncovers alliance between Russia’s military and hacktivists

Google uncovers alliance between Russia’s military and hacktivists

Google’s Mandiant unit discovered proof that Russia’s military intelligence agency is working with three pro-Russian hacktivist groups. The Wall Street Journal broke the news on Friday.

Google acquired Mandiant in a $5.4 billion deal that concluded earlier this month. The organization offers cybersecurity services that help businesses respond to cybersecurity incidents in their corporate networks. Mandiant also gathers threat intelligence on hacker activities.

Mandiant has uncovered what seems to be a collaboration between Russia’s military intelligence agency (GRU) and three hacktivist organizations in recent months. According to the unit, the organizations in question are XakNet Team, Infoccentr and CyberArmyofRussia_Reborn.

Data wiping malware attacks

Mandiant monitors cyberattack operations as part of its attempts to collect data on hacker behaviour. Mandiant found four breaches in recent months in which GRU installed data wiping malware on firms’ networks. Hacktivists published data taken from the organizations affected by the data wiping malware within 24 hours of each incident.

Killnet, one of the three hacktivist groups in the released report, has launched distributed denial-of-service (DDoS) attacks against companies in Japan, Italy, Norway, Estonia and Lithuania. During a DDoS attack, the perpetrator tries to overwhelm an organization’s servers with network requests.

Killnet appears to be a clear and present threat

Governmental websites in Lithuania were attacked with at least two rounds of DDoS attacks in June. Killnet has claimed responsibility for several of the attacks.

The DDoS attacks were uncommon because they never reached a debilitating level, despite persisting for an extended time. Killnet also took credit for a series of DDoS attacks that targeted Estonian organizations in August.

According to the new report, the hackers targeted the institution’s systems with up to 200 terabytes of data per second in an attempt to overload them. Estonia successfully resisted the DDoS attacks.

Tip: Akamai stops record-breaking DDoS attack on EU client