At stake is the personal information of thousands of alliance employees. Experts warn that a cyber war is underway and that we should wait for more data to be released
On Monday, the pro-Russian hacking group Killnet offered for sale thousands of NATO data, which includes information on weapons, medicine and training centers of the alliance, for prices not exceeding one dollar (92 cents) for access. information. Experts warn that these groups act with ideological motivation, do not want money and will attack again.
“They don’t want money, they just want to create panic and release sensitive NATO information. It’s not cybercrime to collect money,” said Bruno Castro, cybersecurity expert and CEO of VisionWare.
Among the data for sale are the personal information of 17,000 cadets, 26,000 users with accreditation on NATO portals, as well as information on weapons, medical equipment and the alliance’s press service. In a video shared by the group, it is possible to see the personal information of employees of the alliance, from the photo to the address, telephone contact, passport data and what function they perform in the institution.
The group suggests that it initially put the access on sale for 3 Bitcoins (about 81 thousand euros), but that, due to the lack of interest, they decided to allow access to the data for the symbolic value of one dollar .
Copy of the message published by the group advertising the sale of the data.
The information appeared on the radars of the monitoring center of VisionWare, a Portuguese cyber security company that has a monitoring center for information linked to cybercrime.
For experts, this attack is not the first and will not be the last. For Bruno Castro, a cyber war is underway and there may be attacks that have already taken place and are just waiting for the right moment to be published.
“This attack is part of ongoing cyber warfare, part of a series of attacks that are taking place. There will be more attacks. There are probably attacks that have already taken place and that will only be made public in the future”, he warned.
The Killnet group is a pro-Russian hacker group that operates in liaison with the Kremlin against various countries it views as adversaries of Moscow’s geopolitical goals. Throughout 2022, they gained a lot of notoriety by carrying out a series of attacks, which even paralyzed several North American airports.
“This group demonstrates three things. First, they weaken NATO’s image and prove the lack of security. Second, they demonstrate that they can steal sensitive information from an operational point of view. And finally they promote themselves as cybercrime mercenaries”, explains Bruno Castro.
This is the second large-scale attack by pro-Russian groups in less than a month. At the end of March, the NoName057(16) group hit the website of NATO’s main operational headquarters, the Supreme Headquarters Allied Powers Europe (SHAPE), with a DDoS (Denial of Service) attack, controlling the platform taken in several countries, including Portugal.
The information comes shortly after one of the largest leaks of classified information from the US defense, after a Portuguese descendant, only 21 years old, member of the Massachusetts Air National Guard, disclosed almost 100 classified documents from the US defense.
The suspect, Jack Teixeira, worked at the 102nd Intelligence Wing of the Air National Guard and posted the images in a Discord social networking group for its 30 members. The documents revealed the perspective of US intelligence services on the development of the fighting in Ukraine.