Russia-Linked Hackers Attack Japans Govt, Ports

  /     /     /  
Publicated : 23/11/2024   Category : security


Russia-Linked Hackers Attack Japans Govt, Ports


Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.



Two Russian hacking groups leveled distributed denial-of-service (DDoS) attacks at Japanese logistics and shipbuilding firms — as well as government and political organizations — in what experts believe are attempts to pressure the Japanese government. The attacks came after lawmakers boosted the nations defense budget, and its military conducted exercises with regional allies.
The two pro-Russian cyberthreat groups — NoName057(16) and the Russian Cyber Army Team — started attacking Japanese targets on Oct. 14, with more than half of the attacks targeting logistics, shipbuilding, and manufacturing firms, according to network-monitoring firm Netscout. The groups, especially NoName057(16), have made a name for themselves by attacking Ukrainian and European targets following Russias invasion of Ukraine.
In the latest spate of attacks, the groups targeted Japanese industry and government agencies after the Ministry of Foreign Affairs of the Russian Federation expressed concern over the ramp-up of Japans military, says Richard Hummel, director of threat intelligence for Netscout.
Japan had their elections last week, and the leader that took over is no fan of Russia and, in fact, has been very vocal about supporting Ukraine and sending aid, he says. Japan is also working with the US military on joint exercises and ballistics missiles testing — these are the [regional events] that NoName057 will go after.
With geopolitical rivalries with China and Russia heating up, Japan is in the midst of its largest military buildup since World War II. In December 2022, the nation
unveiled a five-year $320 billion plan
that includes long-range cruise missiles that could hit targets in China, North Korea, and Russia. The move marked a significant shift away from Japans self-defense-only policy, with the government continuing the move by
increasing military spending by 16% this year
.
On Oct. 17, Japans Deputy Chief Cabinet Secretary Kazuhiko Aoki said
the government is investigating the DDoS attacks
.
More than half of the attacks targeted the logistics and manufacturing sector, while nearly a third targeted government agencies and political organizations in Japan, Netscout
stated in its analysis
.
The Russian group has leveraged every attack capability of the DDoSia botnet, employing a wide range of direct-path attack vectors against multiple targets, the analysis stated. As of this writing, approximately 40 targeted Japanese domains have been identified. On average, each domain is hit by three attack waves, utilizing four distinct DDoS attack vectors, utilizing approximately 30 different attack configurations to maximize attack impact.
The attacks mark the latest shift in DDoS attacks. In the past, 85% to 90% of such attacks originated in the gaming world, with players targeting other players, Netscouts Hummel says. Over the past few years, while many hacktivism attacks amounted to little more than PR stunts, cybercriminals have increasingly used DDoS attacks to cause outages in business operations to support a cause or monetize a botnet — sometimes, both.
US authorities
recently charged two Sudanese brothers
— 22-year-old Ahmed Salah Yousif Omer and 27-year-old Alaa Salah Yusuuf Omer — following more than 35,000 DDoS attacks during the past 18 months, which targeted government agencies, a major Los Angeles-area hospital, and technology companies. The US Department of Justice charged one of the two brothers with three counts of damage to a protected computer, and the indictment included his message taking credit for any damage to the hospital ... and their health systems + any collateral damage,
according to a federal indictment
.
The impact of a DDoS attack on the ability of connected medical devices to operate means that increasingly they will have physical impacts, Hummel says.
The brother was charged with essentially attempted murder, because they were taking down hospital infrastructure where people needed life-saving technology, he says. If the Internet goes down, then [these connected medical devices] stop functioning, they stop checking in.
Both NoName057 and the Russian Cyber Army Team obviously pursue priorities expressed by the Russian government, but that does not necessarily mean they are a military or intelligence agency operation, Hummel says.
Overall, the groups have claimed 60 attacks against 19 different targets in the weeks following the criticism of Japans accelerated military buildup by Russias Minister of Foreign Affairs. In a Telegram post, NoName057(16) confirmed the link.
Particular discontent was caused by the participation of non-regional NATO member countries in the maneuvers, which, in Russias opinion, increases the threat and is unacceptable, they stated
in the Telegram post
(machine translated from Russian). We punish Russophobic Japan and remind you that any measures directed against Russia may end badly.
The groups attacks against Japan match with previous targeting against any critic of Russia or its strategy, Hummel says.
I cant say definitively if they are part of the Russian government ... or if any agency is giving them direct instructions, he says. What I can tell you is that all of the targeting is against groups that are anti-Russia or anti-Muslim. And oftentimes, its usually going to be in that political sphere when people are vocal about their support of anybody against Russia.

Last News

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Russia-Linked Hackers Attack Japans Govt, Ports