After the attacks of hacktivism pieces like Anonymous and GhostSec it could be the turn of the Russian hackers. «We expect the Conti group to carry out an attack on the Swift international payment system in the coming days, to allow Putin to respond to the sanctions of the Western axis without exposing himself. If this happens in the short term, it means that they have already been working on it for some time. Furthermore, an increase in the risk for our national critical infrastructures cannot be excluded, which, in reality, have already suffered some initial attacks in recent days ». The forecast is by Stefano Mele, partner and global head of the cybersecurity department of the international law firm Gianni & Origoni. The Conti Group has traditionally been close to the Kremlin and since the beginning of the invasion has unconditionally supported the work of Vladimir Putin and his invasion of Ukraine. The panorama is quite articulated as Carola Frediani, journalist and expert on this subject, writes. On the one hand there are Russian and Belarusian hackers, on the other Ukrainian and patriotic groups, anti-Lukashenko Belarusian cyberpartisans, hacktivist pieces like Anonymous and GhostSec. But according to the lawyer, the states are behind many of these cybercriminal gangs.
“Usually – explainedayo – the operations of hacktivist collectives have a limited impact on the recipients, while when we see greater effects we must consider that government forces are acting behind them, which find it convenient in certain historical periods to hide their identity. current, it is very likely that the US is acting behind the mask of Anonymous, which is opposed on the other front by the action of the Conti group, traditionally close to the Kremlin and openly taken to the field in favor of the Moscow government “.
«The actions implemented by the two sides – he concludes – are premeditated, since they require rather long preparation times and imply a previous violation – and therefore implied in” peacetime “- of the computer systems of the targets that today are intended to undermine; mostly these are dormant malware that are activated at the right time.