Russian news channels were knocked offline by what is being reported as a distributed denial of service (DDoS) cyberattack during President Vladimir Putin’s annual state of the nation speech earlier today. The IT Army of Ukraine has claimed responsibility for the attack, alongside a gang with reported connections to anti-Russian government protestor Alexei Navalny.
The incident follows reports that Russia-supporting hacking gang Killnet has been actively targeting websites belonging to Nato, as the low-level cyber element of the Russia-Ukraine conflict shows no signs of abating.
Putin’s speech interrupted by DDoS attack
Putin addressed the current state of the Russia-Ukraine war during his annual state of the nation speech earlier today, explaining, among other things, that Russia would be suspending its participation in the strategic offensive arms treaty. The START treaty caps the number of warheads the US and Russia can deploy.
During the speech, All-Russia State Television and Radio Broadcasting Company (VGTRK) and the Smotrim streaming platform were inaccessible for large portions of the speech. VGTRK displayed the message “technical works are being carried out” and Smotrim would simply not load, reports Reuters. Both sites appear to be back online now.
State-run RIA Novosti news agency said the outage was the result of a DDoS attack. Hacktivist group the IT Army of Ukraine has claimed responsibility for the attack on Twitter, saying, “Great Job! We launched a DDoS attack on channels showing Putin’s address to the federal assembly.”
💥💥 Great job! 💥💥— IT Army of Ukraine (@ITArmyUKR) February 21, 2023
We launched a DDoS attack on channels showing putin’s address to the federal assembly:
1TV, VGTRK and SMOTRIM
Slava Ukraini 🇺🇦✊#OpRussia #Russia #Ukraine #RussiaIsATerroristState pic.twitter.com/MsVHsw5TBF
Another hacking gang, said to be supporters of anti-Putin opposition member Alexei Navalny, has also claimed responsibility for the attack, reports Newsweek, saying it worked with other hackers to take the sites offline.
A similar attack was carried out recently during a speech by Iranian president Ebrahim Raisi, where The Edelat-e Ali group hijacked the broadcast to call for the downfall of the government and to urge people to take part in nationwide protests.
Russia-Ukraine hacktivism has become a feature of the war
The politically motivated attack comes days after Russia-aligned cybercriminal group Killnet announced it was going to launch multiple DDoS attacks at Nato websites.
The gang used messaging app Telegram to announce its plans, and requested donations in cryptocurrency from individuals and organisations who support Russia, saying the donations would go towards further attacks.
Nato secretary general Jens Stolberg said his organisation was taking the necessary protective measures. “The majority of Nato websites were functioning as normal,” he said, while the organisation’s technical teams were “working to restore full access”.
Killnet is said to have disrupted contact between Nato and military aircraft providing aid to victims of the earthquakes in Turkey and Syria which have claimed more than 30,000 lives. Its attacks may have also affected networks used by Nato’s Strategic Airlift Capability, a programme that provides military aircraft capabilities.
Nato is not having too much trouble deflecting the attacks, however, explains Jake Moore, global cybersecurity adviser at ESET. “Although access denial to a website can be frustrating, this can be mitigated with simpler efforts such as reducing the attack surface area and deploying firewalls for sophisticated application attacks,” Moore says. “When data is not stolen, the threat is immediately reduced.”
That’s not to say the attacks are without their risks. “DDoS attacks can also be the gateway to more serious cyberattacks also, so it would be vital for Nato to step up security nevertheless,” Moore says.