The same Russian threat actors that this week targeted Italian parliamentary and military websites and threatened to disrupt U.K. National Health Service (NHS) services, could now have the Eurovision Song Contest 2022 final in their crosshairs.
The Killnet threat group has threatened to “send 10 billion requests” to the Eurovision online voting system and “add votes to some other country.”
What is Killnet?
The pro-Kremlin Killnet cybercriminal group boasts of conducting “military cyber exercises” to improve member skills, appears to be mostly involved in reasonably straightforward, if disruptive, Distributed Denial-of-Service (DDoS) attacks.
According to threat intelligence experts at Cyjax, Killnet first emerged back in March following the Russian invasion of Ukraine. Using the newly launched ‘Killnet Botnet DDoS’ resource, its first target was the Anonymous hacktivist collective. This involved disrupting “the Anonymous website.” Or, at least, it would have if such a thing existed.
As Cyjax explains, there is no central Anonymous website. “It’s more likely that an independent generic Anonymous website was targeted to boost morale for the Russian side,” Cyjax says.
Killnet threatens to disrupt Eurovision 2022 final voting
In an apparent attempt to prevent or disrupt the online voting for current Eurovision favorites from Ukraine, the Kalush Orchestra, Killnet has hinted it could target Eurovision servers. In a Telegram message, the group claimed to have already disrupted the voting system. Or, rather, that the DDoS Botnet might be behind earlier voting difficulties.
Russia was banned from competing in Eurovision 2022 following the invasion of Ukraine, and the Kalush Orchestra has stated that a win would be a morale booster for the people of Ukraine.
A Eurovision spokesperson said that the voting system has “a wide range of security measures in place to protect audience participation” and this year will be no different in that regard.