Thursday 3 October 12:00 - 12:30, Green room
Itay Cohen (Check Point)
On December 12th, millions of Ukrainians trying to connect on Kyivstar's mobile and internet services were met with silence. The outage, it turned out, was no accident, but a carefully planned attack that had been brewing for months. One day later, a message saying “We take full responsibility for the cyber attack on Kyivstar” appeared on social media accounts belonging to a group calling itself ‘Solntsepek’.
“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine”, the message continued. The Ukrainian users found themselves an audience of another hacking stunt in the ongoing war that started with the Russian invasion of Ukraine. Almost one month later, the pro-Ukraine hacker group “BlackJack” claimed to have breached the Russian internet provider M9com as revenge for the Kyivstar attack.
These attacks demonstrate a rising trend where groups, ostensibly state-sponsored yet posing as hacktivists, execute cyber and influence operations. This approach provides plausible deniability and an appearance of legitimacy, avoiding the direct implications of government involvement. These actors, often using various group names, leverage grassroots facades for anonymity and to minimize international backlash.
But what if the inflation in the trend is its weakest point? This is where yet another trendy topic comes in handy – machine learning (and, yes, AI as well). We analysed thousands of public messages from hacktivist groups in Europe and the Middle East and combined classic cyber threat intelligence practices with modern ML models to learn about their motives over time and, more importantly, tie some of these groups together and improve the way we perform attribution when it comes to hacktivism.
 |
Itay Cohen Itay Cohen (a.k.a. Megabeets) is a research lead at Check Point Research. Itay has vast experience in malware reverse engineering, threat intelligence, and other security-related topics. He is the author of a security blog focused on making advanced security topics accessible for free. Itay is a maintainer of the open-source reverse engineering frameworks Rizin and Cutter. He is a social and political activist, with a focus on animal rights. Itay was selected to the Forbes 30 Under 30 list for 2023, and recognized for his threat research work and activism. |
Back to VB2024 conference page
