.webp "Hacktivist Preparing for DDoS Attacks on Paris Olympics")
Cyble Research & Intelligence Labs (CRIL) researchers have recently uncovered a cyber threat aimed at disrupting the upcoming Paris Olympics. The threat originates from a Russian hacktivist group called the “People’s Cyber Army” (Народная Cyber Армия) and their allies, HackNeT, who have declared their intention to carry out Distributed Denial of Service (DDoS) attacks on various French websites.
The announcement of these planned attacks has sparked concerns regarding the cybersecurity measures in place for the Summer Olympics scheduled to be held in Paris. With the potential threat looming over the event, there is a growing need for enhanced vigilance and preventive measures to ensure the safety and security of the digital infrastructure.
The People’s Cyber Army made their initial declaration of targeting the Paris Olympics on June 23, 2024, through a post on their official Telegram channel at 0840 hours UTC. Subsequently, they claimed to have successfully executed a DDoS attack on the website of Festival La Rochelle Cinéma (Fema) at around 0830 hours UTC. This claim was accompanied by a link to a domain monitoring website, ‘check-host.net,’ as corroborating evidence of the attack.
Following this, HackNeT joined forces with the People’s Cyber Army by reiterating the same announcement on their own Telegram channel. They also claimed to have conducted a successful DDoS attack on the website of Grand Palais (Paris), a prominent French palace cum cultural and exhibition center. These coordinated efforts by the two groups indicate a premeditated plan to disrupt online services related to the upcoming Olympics.
The People’s Cyber Army is a well-known hacktivist group with a history of engaging in high-profile cyberattacks. Their association with other notable cyber threat actors, including APT44, Sandworm, FROZENBARENTS, and Seashell Blizzard, further underscores the seriousness of the situation. The group maintains a substantial following on their Telegram channel, CyberArmyofRussia_Reborn, boasting over 51,000 subscribers.
In addition, the People’s Cyber Army regularly collaborates with other pro-Russian hackers such as NoName057(16), HackNeT, CyberDragon, and UserSec Collective. Their politically motivated agenda and justifications for cyber attacks are often shared on their Telegram channel, providing insights into their operational ethos.
The DDoS tool used by the People’s Cyber Army is coded in Python and employs various techniques for executing both Layer 4 and Layer 7 attacks. The tool’s capabilities include multithreading and multiprocessing to enhance attack efficiency, along with proxy support to conceal the attacker’s IP address. The group also offers tutorials on installing and utilizing these tools to their Telegram subscribers.
HackNeT, an emerging pro-Russian group that emerged in February 2023, poses an additional threat in conjunction with the People’s Cyber Army. The group conducts politically motivated attacks and collaborates with other like-minded hacktivist groups to achieve their objectives. The connection between the People’s Cyber Army and APT44 highlights the gravity of the situation, necessitating a thorough investigation into these developments.
As preparations for the Paris Olympics progress, the potential for more sophisticated and large-scale cyberattacks remains a significant concern. The international community and cybersecurity experts must remain vigilant and implement robust defense strategies to safeguard the digital infrastructure of the event. Proactive measures are essential to mitigate the risks posed by the People’s Cyber Army and HackNeT, ensuring the smooth conduct of the upcoming Summer Olympics in Paris.