Russian hackers target Polish and Swedish online infrastructure in failed cyberattacks

The hacktivist group NoName057(16), linked to Russia, announced a collaborative attack on Swedish internet infrastructure alongside other hacking groups such as People's CyberArmy, 22C, CyberDragon, Horus Team, UserSec, and Phoenix. This was revealed by Check Point Research analysts in their OSINT report, highlighting that pro-Russian hackers also targeted other nations, including websites mPay.pl and citizen.gov.pl.

These Russia-affiliated hacker groups claimed to have launched attacks on the websites of various Swedish authorities, Poland's citizen.gov.pl site, the Polish mobile payment operator mPay, and Czech Republic authority sites. The NoName057(16) group disclosed a DDoS attack on Polish institutions through its Telegram channel.

Despite these attempts, both Polish websites continue to function smoothly, indicating the ineffectiveness of the pro-Russian hackers' actions, which at most could briefly disrupt the operation of the Polish sites.

"The aim of Russian groups is to disturb the efficient operation of public institutions and to foster unrest in Poland— a staunch ally supporting Ukraine during the conflict," remarked Wojciech Głażewski, the country manager for Check Point Software in Poland, on these attack attempts.

However, DDoS attacks are just one part of the threat landscape. Check Point Research specialists have observed the growing phenomenon of state-supported hacktivism, particularly from Russia. This trend is evident as cyber activities associated with geopolitical conflicts increase, with cybercriminals employing more sophisticated techniques, such as exploiting zero-day vulnerabilities, for ransomware attacks.

"In 2023 alone, we recorded over 5,000 victims of overt ransom attacks, which is a 90 percent increase compared to 2022. Ransomware now represents 10 percent of all malicious programs attacking computer networks globally," caution the authors of the Check Point 2024 Cyber Security Report.