Russian hackers have cut contact between NATO and military jets delivering aid to victims of the Turkish-Syrian earthquake that has claimed at least 28,000 lives.
A NATO official confirmed that the alliance had fallen victim to a cyber-attack, believed to have been carried out by the Killnet hackers.
The Killnet hacker group claimed responsibility for the distributed denial of service (DDoS) attacks, but did not provide further details.
“We are launching attacks against NATO. Details in a closed channel,” it said on one of its affiliated Telegram channels.
The website of NATO’s Special Operations Headquarters, which is based in Belgium, was down for just a few hours before being restored.
Other organizations affected by the attack included the Strategic Airlift Capability.
It is a multinational organization that relies on NATO support to provide military and humanitarian airlifts.
In February last year, the organization delivered supplies to the Ukrainian army.
Most, but not all member states are members of NATO.
SAC aircraft have been used for several missions since 2009, including the evacuation of nearly 3,000 civilians from Kabul after the Taliban seized control of the country.
It is currently being used to transport search and rescue equipment to the earthquake-affected area.
One of the organization’s C-17 aircraft, believed to be carrying supplies to Incirlik Air Base in southern Turkey, was warned of the malfunction in a message from an SAC manager via the ACARS (Aircraft Communications Addressing and Reporting System).
The plane was told that NATO’s NR network – believed to be used to transmit sensitive data – had been affected by the denial of service attack.
Although contact with the plane was not lost, the attack by the hackers probably hindered the relief effort.
The NATO official confirmed the attack by the hackers: “NATO cyber experts are actively addressing an incident affecting some NATO websites. NATO regularly deals with cyber incidents and takes cyber security very seriously.”
Western security services have described Killnet as a loose group of pro-Kremlin activists aiming to disrupt military and government websites of countries supporting Ukraine with fairly straightforward DDoS attacks.
The attacks usually cause outages of several hours and no significant lasting damage, though cybersecurity experts have said the group may be pacing itself and keeping its more sophisticated attacks in reserve.
Russia is considered a hotbed of talented hackers and security officials in the West have said they have prioritized dealing with the risk.
In May last year, British police arrested a member of Killnet in London. In response, Killnet threatened to turn off ventilators in British hospitals if police did not release the unnamed individual.
In January, Killnet was blamed for taking down the websites of 14 US hospitals, though US officials said the impact was limited and no unauthorized access to hospitals’ cyber architecture had been detected.
In March 2022, shortly after the Kremlin invaded Ukraine, Killnet released a video of a hooded figure with a distorted voice urging Russians not to flee the country, but instead to support the motherland.
Killnet has clashed in cyberspace with the pro-Western hacker collective Anonymous, which has attacked several Russian targets. Killnet has previously claimed to have taken the Anonymous server offline.