Call To Cyber Attack On German Arms Maker By Pro Rusian Hacker Group – Killnet
Rheinmetall supplying Ukraine with automated reconnaissance systems
At the behest of the German government, Rheinmetall is supplying Ukraine with automated reconnaissance systems. These are primarily used for monitoring large areas of terrain with as few personnel as possible. Rheinmetall is cooperating in this project with the Estonian company DefSecIntel. Known as the SurveilSPIRE, these reconnaissance systems consist of mobile surveillance towers with day and night-capable camera equipment, autopiloted mini drones and a control system. The scope of delivery also includes transport vehicles. The order is worth a figure in the double-digit million-euro range. Delivery has already commenced.
Made by Estonia’s DefSecIntel, the SurveilSPIRE surveillance towers can be loaded onto trailers and quickly transported to their area of operation. Assembly requires three personnel; operation is fully automated. The system includes wireless links (4G and Starlink) for video transmission to a mobile command post. Solar panels enable sustained operation without power cables or a fuel source. The system relies on autopiloted reconnaissance drones that conduct patrols and mission-specific flights. This enables inspection of detected threats and lets the operator initiate necessary countermeasures.
Rheinmetall is already taking part in several projects in support of Ukraine. On behalf of the German government, for example, Rheinmetall subsidiary Zeppelin Mobile Systeme GmbH is supplying Ukraine this year with a turnkey field hospital. Moreover, along with other defense materiel to help it repel the Russian invasion, Ukraine is taking delivery of 26 brand new high-mobility HX swap-body trucks.
Furthermore, Rheinmetall is a partner in multiple multilateral “Ringtausch” transactions. This procedure, developed by the German government, is designed to support the Ukrainian war effort in cooperation with Germany’s European neighbours and NATO partners. Here, NATO member nations transfer Soviet-era equipment to Ukraine in exchange for surplus Western-made systems.
Source: Rheinmetall , Euromaidan Press , Soldier Systems
Killnet leader urges cyberattack on German arms maker Rheinmetall
The attack coincides with Rheinmetall bosses discussing a new tank factory in Ukraine as the Russian invasion of the Eastern European nation continues.
On March 4, Rheinmetall’s CEO Armin Papperger said the German manufacturer was mulling setting up a tank factory in Ukraine that could produce as many as 400 Panther tanks a year.
Kyiv seeks to acquire as much heavy equipment as possible before a likely spring offensive against occupying Russian forces.
Killnet has been targeting pro-Ukrainian governments and organizations for almost a year. For example, last month the group targeted the US healthcare system.
While experts have warned people not to underestimate threat actors that mostly employ distributed denial-of-service (DDoS) attacks, their effectiveness remains an open question: most of Killnet’s targets suffer a few hours of downtime before returning to normal operations.
Killmilk, the leader of pro-Russian hacker collective Killnet, posted a call to cyber arms on his Telegram channel. The internet protocol (IP) targets include Rheinmetall’s IT infrastructure in Germany and Australia.
Several IP addresses lead to Munich and Dusseldorf, where the company is headquartered, and Australia, where it operates a subsidiary called Rheinmetall Defense Australia.
Rheinmetall’s representative confirmed to Cybernews the company noted an increased number of requests from the network. However, Rheinmetall’s IT Security team did not notice any serious challenges for the company’s IT infrastructure to resume working.
Below is a little Background on Killnet showing their footprints of atrocities in the dark space.
Killnet is a pro-Russia hacker group known for its DoS (denial of service) and DDoS (distributed denial of service) attacks towards government institutions and private companies in several countries during the 2022 Russian invasion of Ukraine. The group is thought to have been formed sometime around March 2022.
Attacks by Killnet
1. Romania
See also: 2022 DDoS attacks on Romania
Killnet were behind attacks on Romanian government websites from 29 April 2022 to 1 May 2022.[3]
2. Moldova
See also: Moldova–Russia relations
Following explosions in unrecognized Transnistria, the Information and Security Service of the Republic of Moldova reported that the pro-Killnet hacking group had launched a series of cyberattacks from abroad against websites of Moldovan official authorities and institutions. This was days after the attack on Romanian websites.[4]
3. Czech Republic
Killnet claimed responsibility for attacks on Czech state institution web sites in April 2022.[5]
4. Italy
The websites of the Istituto Superiore di Sanità and the Automobile Club of Italy were attacked on Friday 14 May 2022 The Italian Senate website was attacked and blocked for an hour in the same attack.[6] On May 29, 2022, they announced an “irreparable damage” attack on Italy scheduled for the following day. On May 30, 2022, it attacked Italy and managed to block a few websites, while the attack on the CSIRT site was unsuccessful. The attack was not as devastating as predicted. Killnet later complimented the CSIRT for their defensive work, mocking the government to raise a few thousand dollars to the team for their work.
Attack on Eurovision 2022
Further information: Eurovision Song Contest 2022 § Attempted cyber attacks
Killnet hackers are suspected of having made an attempt to block the Eurovision Song Contest website during Ukraine’s performance at the 2022 contest with a DDoS attack, which was blocked by the Italian state police, however, the group denied on their Telegram channel that their attack had failed. They subsequently attacked the state police site emphasizing how they blocked the attack on Eurovision and not the same.[6] Following the attack, they threatened to attack 10 European countries, including Italy.[6]
5. Lithuania
The group claimed responsibility for the DDoS attacks against Lithuanian network infrastructure.[7][8][9] They said that the cyber attack on Lithuania was in retaliation for it stopping transit of goods to Russia’s Kaliningrad exclave.[7][8][9]
6. Norway
The group targeted Norwegian organizations through various DDoS attacks on June 28, 2022. The National Security Authority of Norway believed no private data was compromised.[10][11]
7. Latvia
Killnet targeted Latvia‘s public broadcaster in the largest cyberattack in the country’s history. The broadcaster said the attack was repelled.[12]
8. United States
On 1 August 2022, the group and its founder called “Killmilk” claimed responsibility for a cyber-attack on the American defence corporation Lockheed Martin, as a retaliation for the HIMARS systems supplied by U.S. to Ukraine. The group said that the Lockheed Martin “is the actual sponsor of world terrorism” and that “is responsible for thousands and thousands of human deaths.” Shortly before the attack, the group announced it will carry out a new type of cyber-attack, different from their DoS and DDoS cyber-attacks carried out before. Killmilk said the attack targeted Lockheed Martin’s production systems as well as informations about the company’s employees for them to be “persecuted and destroyed around the world!”.[13]
Several US airport websites were attacked on 10 October 2022.[14]
9. Japan
On September 6, 2022, Killnet announced that it had attacked 23 websites of four ministries and agencies, including e-Gov, a portal site for administrative information administered by the Digital Agency, and eLTAX, a local tax website administered by the Ministry of Internal Affairs and Communications, as well as the social network service. On September 7, they also posted a video declaring war on the Japanese government and announced that they had attacked the Tokyo Metro and Osaka Metro.[17][18] At a press conference on the same day, Chief Cabinet Secretary Hirokazu Matsuno explained that no information had been leaked as a result of this attack at this time. As for Killnet’s involvement, he stated, “We are aware that they are hinting at a criminal act, but we are still confirming the cause of the failure, including the relevance.[16]
10. Georgia
According to the Twitter post published by the threat research firm CyberKnow, Killnet and their founder, Killmilk threatened that they would attack the Georgian government if it continues to work against the Russian Federation.[19]
11. Germany
On January 26, 2023, the German Federal Office for Information Security (BSI) announced that a wide-ranging DDoS attack against various agencies and companies in Germany was taking place since the night before.[20] According to the BSI, websites from airports were particularly affected, as well as those of companies in the financial sector and those of the federal and state administrations.[20] The attacks had been announced in advance by Killnet, supposedly as retaliation for the German government’s decision to send Leopard 2 battle tanks to the Ukraine.[21]
These are interesting times where Technology can empowered a few individuals with laptops to compel a country with well instituted government to the negotiating table.
Leave a Comment