The KillNet Group

Posted 26 May, 2022 at 14:14

Author Kevin Hawkins on behalf of H2 Cyber Risk Advisory Services Ltd


“Greetings to all our enemies, today we officially declare cyber war on the government of ten countries. From now on, our attacks will include the United States, Great Britain, Germany, Italy, Latvia, Romania, Lithuania, Estonia, Poland, and Ukraine.”

Note: Acknowledgement to the ERC Centre

Now that’s a great way to start the day, and a little melodramatic.  But it’s actually a quote from an online video posted by the Killnet Group which is a group active for a few months now, aligned to Russia, and have declared war on 10 countries including the UK, threatening to attack their Critical National Infrastructure, which includes transport (rail), airports, government departments/agencies, but also attack it’s revenue sources, so finance organisations of all sizes, wholesale and retail outlets, and any business that supports those organisations in their supply chain, so all of us really.

They set themselves us in response to the IT Army of Ukraine and draw their manpower from around the world with differing levels of competency and experience.  Up to now they have primarily been attributed with attacks against airports including Gatwick, and some specifically targeted attacks against overseas police forces.

So, the question is, have effective are they likely to be and do I need to be concerned about it?  Well in short, they could be anything from a nuisance, to doing some real damage and as I have said on many occasions, SMEs are a target because many sit somewhere in the supply chain, already impacted by COVID and BREXIT, which could be crippled with a relatively few well placed cyber-attacks.  And of course, SMEs remain the easier target as their defences tend to be less comprehensive than perhaps they should be.

They have, so far, been mainly associated with Distributed Denial of Service (DDOS) attacks, particularly favouring a technique known as slow HTTP that requires very little bandwidth in comparison to other DDOS methods.  This technique utilises a web servers need for complete packets (a packet being around 80 bytes of data which is how data is ‘chunked’ up for transmission.  What this means, without being too boring, is that it uses less resources than other methods.  It targets thread-based web servers by occupying every thread with slow requests that are sent at just above the time out limit, preventing genuine users from connecting.

Many of you will not have your own servers but will, instead, by using cloud-based servers and so you are heavily reliant on your cloud-based provider.  Once mitigation may be to have more than one cloud-based provider and whilst this might seem an unnecessary expense, it does mean that you have a fail over plan.  This would require that your primary cloud provider, could back up to a second provider.  Not as hard as it sounds, and I have clients already doing this.

If you are using your own servers then careful monitoring and logging of server resource is highly recommended, having some way of identifying normal behaviour and looking for things that are out of the ordinary.  There is software and devices on the market that can do that for you.

Above all you should have a business continuity and disaster recovery plan in order to keep operating during times of strife.

H2 provides affordable and flexible one-off and ongoing data protection and cyber risk protection services.

 

To learn more about the services we provide please click here https://www.hah2.co.uk/

Alternatively, please feel free to give us a call or email

T: 0845 5443742

M: 07702 019060

E: [email protected]

More from H2 Cyber Risk Advisory Services Ltd

The New Normal
Article

The New Normal

17 May 2022
BREAKING NEWS - H2 WIDENS ITS E-LEARNING ACADEMY TO ENCOMPASS DATA PROTECTION
Video

BREAKING NEWS - H2 WIDENS ITS E-LEARNING ACADEMY TO ENCOMPASS DATA...

02 May 2022
Consequences of a Cyber-Attack
Article

Consequences of a Cyber-Attack

28 April 2022
The Cost of Getting Data Protection Wrong
Article

The Cost of Getting Data Protection Wrong

20 April 2022
Card image cap
user

H2 Cyber Risk Advisory Services Ltd

SME

Profile Feed
Established in 2016, H2 Cyber Risk Advisory Services is a specialist cyber security and data protection company that focuses on providing innovative and robust security solutions to the UK SME sector. Its founders, Kevin Hawkins and Bob Hay, are amongst the best qualified and most experienced...

57

Press Releases