The usual cybercriminal coalition formed by NoName, Russian Cyber Army, and UserSec, announced a massive operation today. The targets: several NATO websites spread across several countries. These are Belgium, Norway, and Slovakia.
The news about the attacks was posted by NoName on their public platform. The hackers announced the operation in their typical mocking manner, hinting at future strikes. This isn’t the first time that NATO-related websites have been hit by NoName.
Cyberattacks are used by pro-Russian actors to weaken anti-Russian forces and pro-Ukrainian states across the world. Most of the attacks are targeted at the Ukrainian government, but Ukraine’s allies have also attracted their fair share of breaches.
The standard attack method is the DDoS breach. This relies on sending millions of requests to the target website, eventually crashing the infrastructure and causing the website to shut off.
According to NoName’s original post, the targets today have been:
NoName has become famous for targeting all anti-Russian agencies and actors across the globe. The pro-Russian hackers prioritize those who are actively involved in the ongoing war. This refers primarily to governments sending aid packages to Ukraine.
They also target organizations (state-owned or not) that support Ukraine passively or push anti-Russian narratives. NoName also qualifies as the most active and aggressive pro-Russian cybercriminal actor, amassing several victims per day, every day.
Unlike NATO and typical Western military and political organizations, which are well-structured and compact, cybercriminal entities are disorganized and loose. They don’t have a specific structure and don’t function in a single block.
Rather, there are separate entities that work towards similar goals, but from different platforms. NoName, UserSec, Russian Cyber Army, XakNet, KillNet, these are just some of the names present on the global stage right now.
The gangs usually conduct rogue attacks on Western infrastructure, but will sometimes collaborate to conduct more extensive operations. Today’s attacks fall in the latter, showing how even disorganized structures can put together well-planned hits.
NoName is typically the orchestrator in these types of situations, given that it appears to have the most resources, know-how, and experience. The gang first appeared publicly in 2022, shortly after Russia invaded Ukraine.
Since then, the pro-Russian actor has produced at least one victim per day, usually several, for the past 2 years. And it doesn’t appear to slow down.
NoName’s goals are transparent and straightforward: attack all those who either support Ukraine or denigrate the Russian state. Or both. DDoS attacks are the weapon of choice, because they are cost-effective, reliable, and deliver a clear message.
While NoName’s attacks haven’t made a noteworthy difference in the West’s determination to aid the Ukrainian government, they haven’t been totally benign either. Only future will tell how the situation will evolve over time.
We believe security online security matters and its our mission to make it a safer place.