The NoName hacker group has continued its cyber attacks on Lithuania, with the country’s aviation sector being the latest target. The group claimed to have attacked KlasJet Airlines, DAT LT, Avion Express, and Heston Airlines. However, six of the eight targets listed by the group were seemingly not impacted by the alleged cyber attack. The official websites of Heston Airlines and Achemos Grupe did display an error message. The Cyber Express has contacted the named entities for confirmation and will update the report based on their reply.
The websites that were allegedly attacked by the NoName hacker group were mostly related to air travel. The Cyber Express checked their accessibility status and made the following observations: Heston Airlines – not accessible, KlasJet Airlines – accessible, Achema, Lithuanian chemical plant – accessible, Achemos Grupe – not accessible, Akropolis Group, a Lithuanian company – accessible, Baltic News Service – accessible, Avion Express, a Lithuanian airline – accessible, and DAT LT, a Lithuanian airline – accessible.
The pro-Russian hacker group launches Distributed Denial of Service (DDoS) attacks on targets and claims the same on its website. Earlier, the group named the Lithuanian parliament, the Lithuanian company Litgrid AB, and the e-services company Seimas on its target list.
The tension began when the EU put restrictions on Russian truck movements in April. The ban applied to all the transit of goods that fell into the EU sanctions. The ban affected 50% of all the transit including fertilizers, alcohol, caviar, and wood among other commodities. Certain other transportation was allowed periodically, for example, the carrying of petroleum products through Lithuania. Reacting to the restrictions, the representative of the Ministry of Foreign Affairs of the Russian Federation Maria Zakharova said that Lithuania acted aggressively and has gone beyond their lines.
The group showed support towards the Killnet group for the tip on the websites of Lithuania. Killnet was also targeting Lithuanian websites alongside NoName. The group even called other hackers to destroy Lithuanian network infrastructure.
More recently, NoName has claimed the Lithuanian agricultural companies including the Linas Agro Group. They also named the website of Kauno Energija and its subdomain, which is an energy company. The Lithuanian Riflemen’s Union was also named by the hacker group.
According to a report, Lithuania had nearly 2.22 million internet users in January 2021. Despite the findings, Lithuania stands among the most assessed areas for legal regulation and the development of cybersecurity facilities. The country had a score of 97.3 and was sixth among other nations globally, according to the Global Cybersecurity Index (GCI) published in June 2021.
“NoName057(16) operate through Telegram to claim responsibility for their attacks, mock targets, make threats, and generally justify their actions as a group,” reported cybersecurity firm SentinelOne. “Interestingly, NoName057(16) makes attempts to teach their followers through educational content such as explaining basic industry jargon and attack concepts.”
In a recent incident, the group disrupted services in the financial sector of Denmark, highlighting the potential risks cyberattacks pose to critical infrastructure. In addition to targeting Ukrainian organizations, NoName has also focused on businesses and organizations in Poland, Lithuania, and other countries. The group gained attention when they targeted the websites of candidates running in the 2023 Czech presidential election, starting on January 11. Initially, the group’s attacks were aimed at Ukrainian news websites but later shifted towards targets associated with NATO, as mentioned in the SentinelOne report.
NoName’s motivations appear to revolve around silencing what they perceive as anti-Russian sentiment.