Eurovision 2022 Ukraine’s Kalush Orchestra defeats Russian hacking threat

The same Russian threat actors who this week attacked Italian parliamentary and military websites and threatened to disrupt the UK’s National Health Service (NHS) services, may now have the Eurovision Song Contest 2022 final in their sights.

Threat group Killnet has threatened to “send 10 billion requests” to Eurovision’s online voting system and “add votes for some other country”.

What is Killnet?

The pro-Kremlin cybercriminal group Killnet prides itself on carrying out “military cyber exercises” to improve members’ skills, appears to be primarily involved in reasonably simple, albeit disruptive, distributed denial-of-service (DDoS) attacks.

MORE FROM FORBESRussian Military Hackers – $10 Million Bounty Offered by US Government

According to threat intelligence experts at Cyjax, Killnet first emerged in March after the Russian invasion of Ukraine. Using the newly released ‘Killnet Botnet DDoS’ feature, their first target was the hacktivist collective Anonymous. This involved shutting down the “Anonymous website”. Or at least it would have if such a thing existed.

As Cyjax explains, there is no central Anonymous site. “It’s more likely that a generic standalone Anonymous site was targeted to boost morale on the Russian side,” says Cyjax.

Killnet threatens to disrupt Eurovision 2022 final vote

In an apparent attempt to prevent or disrupt online voting for Ukraine’s current Eurovision favorites, the Kalush Orchestra, Killnet has hinted that it could target Eurovision servers. In a Telegram message, the group claimed to have already stopped the voting system. Or rather, that the DDoS Botnet may be behind the previous voting difficulties.

Russia was banned from competing in Eurovision 2022 following the invasion of Ukraine, and the Kalush Orchestra claimed that a victory would be a morale booster for the people of Ukraine.

A Eurovision spokesperson said the voting system has “a wide range of security measures to protect public participation” and this year will be no different in that regard.

Killnet also appears to withdraw threat from Eurovision 2022 final vote

As with many of these types of groups, it can be difficult to separate claims of liability for service interruptions from opportunism when sites experience unrelated technical difficulties. Strangely, the Killnet group appears to be distancing itself from these threats to the Eurovision final in the same message that makes them.

The group posted on Telegram claiming that Eurovision’s online voting servers were unsecured and threatened to send “10 billion requests and add votes to some other country”. However, it also stated that “there is no point in influencing online voting” and that further attacks “are not worth it”. The message is quite mixed to say the least. The threat is certainly there, although it is, frankly, unlikely whether it will result in anything.

Eurovision 2022 organizers must take special extra cybersecurity precautions this year

Jake Moore, former head of digital forensics at Dorset Police in the UK and now global cybersecurity consultant at ESET, says: Naturally, Eurovision organizers must take special cybersecurity precautions this year if they want to ensure that the security system voting remains as robust as possible.” Moore went on to say that bad actors intend to disrupt the final in any way possible, but that “DDoS protection is a simple win, as long as the organizers don’t underestimate the power of a denial of service attack. service”.

Leave a Reply

Your email address will not be published.