Russian hacking risks ‘spillover effects’ and possible escalation, EU warns

One of the European Union’s top legislative bodies warned Tuesday that Russian hacking groups are “indiscriminately targeting essential entities globally” amid the country’s war with Ukraine, threatening potential spillover effects.

The Council of the European Union singled out recent distributed denial-of-service (DDoS) attacks against several EU member states and partners, which pro-Russian hacking groups took credit for.

“This increase in malicious cyber activities, in the context of the war against Ukraine, creates unacceptable risks of spillover effects, misinterpretation and possible escalation,” the Council said.

Last month, the Russian hacking group Killnet took credit for DDoS attacks on the Lithuanian government and other entities in the country for blocking transit routes to the Russian exclave of Kaliningrad. The country’s National Cyber Security Centre warned communications, energy, and financial institutions of potential “intense” attacks that could include destructive ransomware.

Killnet had previously targeted other European countries for their support of Ukraine — in May, websites of Italy’s parliament, military and National Health Institute faced disruptions that were tied to the group. In April, Romanian cybersecurity officials said websites tied to government agencies and a bank were hit with DDoS attacks that Killnet took credit for.

“The latest [DDoS] attacks against several EU Member States and partners claimed by pro-Russian hacker groups are yet another example of the heightened and tense cyber threat landscape that EU and its Member States have observed,” the Council said in a statement. “We strongly condemn this unacceptable behaviour in cyberspace and express solidarity with all countries that have fallen victim.”

Recent cyber-attacks claimed by pro-Russian hacker groups are yet another example of the increasing cyber threats in the context of Russia's aggression against Ukraine. They need to stop. We will continue to work to prevent and respond to these actions. https://t.co/PKUuT4ZAFf

— Josep Borrell Fontelles (@JosepBorrellF) July 19, 2022

“We remain determined to address and investigate malicious cyber activities affecting international peace, security and stability, including the security of the European Union and its Member States, their democratic institutions, citizens, businesses, and civil society,” the statement continued.

Cybersecurity officials in both Europe and the United States have taken a more aggressive approach to counteracting and sharing information about foreign hacking groups following Russia’s invasion of Ukraine. On Wednesday, U.S. Cyber Command disclosed dozens of malware samples that have been used against computer networks in Ukraine.

Russian hackers aren’t the only ones being called out: On Monday, Belgium’s Minister for Foreign Affairs disclosed details about Chinese state-backed threat groups that targeted the country's defense and interior ministries, and urged Chinese authorities to take action to prevent future incidents.