Anonymous Sudan is a hacker group that has been active since mid-January 2023 and is believed to have originated from Russia, with no links to Sudan or Anonymous. [1] [2] They have launched a variety of distributed denial-of-service (DDoS) attacks against targets.
Despite the name, there is no proven link between Anonymous Sudan and the country of Sudan. [3] [1] [2] The group surfaced as a Russian-speaking Telegram channel in mid-January. [4] Some experts, [5] including cybersecurity company CyberCX, [2] believe the group originates from or is supported by Russia. [1] The group is also not linked to Anonymous. [1] [6]
Anonymous Sudan claims to target countries and organizations engaging in self-described "anti-Muslim activity". [3] The group claims to be anti-Zionist [7] and pro-Islam. [8] [9] However, they have also collaborated with pro-Russian attack groups like Killnet, [10] and their attacks seem to align with a pro-Russian agenda. [1]
As a response to the International Committee of the Red Cross rules of engagement for civilian hackers, a representative of Anonymous Sudan said these rules were "not viable and that breaking them for the group's cause is unavoidable". [11]
Anonymous Sudan has launched a variety of distributed denial-of-service (DDoS) attacks against targets in Sweden, Denmark, [12] the US, [13] Australia, [14] and other countries. [3] Their victims include Cloudflare, [15] Associated Press, [16] Netflix, [17] [18] and PayPal, [19] among others. Anonymous Sudan has successfully disrupted the website of Scandinavian Airlines (SAS) [20] and even took down the Microsoft 365 software suite, [21] including Teams and Outlook. [3] They also took Twitter (now known as X) offline in more than a dozen countries to pressure Elon Musk to enable Starlink service for Sudan. [22] [6] [23] According to the Cyberint Research Team, the group launched 670 attacks in their first 6 months of activity. [24]
On 8 June 2023, Anonymous Sudan claimed responsibility for a DDoS attack on the Azure portal, which caused an outage of the portal and other Microsoft cloud services between ~15 UTC and ~17:30 UTC. [25]
During the War in Sudan between the Sudanese Armed Forces (SAF) and Rapid Support Forces (RSF), Anonymous Sudan launched cyberattacks on the Kenyan government and private websites in the last week of July 2023, in retaliation for the country's support of the RSF. [26] [27] In January and February 2024, Anonymous Sudan claimed to have disabled all internet services in Chad [28] and Djibouti, respectively, as part of a cyberattack to protest those countries' relations with the RSF. [29] The group continued attacking Intergovernmental Authority on Development (IGAD) countries [30] (including Uganda in February) due to their backing of the RSF. [31] The group also attacked the United Arab Emirates, a major supporter of the RSF. [32]
On 10 July 2023, Anonymous Sudan attacked fanfiction site Archive of Our Own with a denial-of-service attack. Anonymous Sudan claimed responsibility in a Telegram post, saying the act was motivated by the website's United States registration and its inclusion of sexual and LGBT content. [33] [34] The group then demanded $30,000 worth of Bitcoin within 24 hours to end the attack. [33] [34] The site came back online the next day with Cloudflare protection added. [35]
During the Israel–Hamas war, media teams operating in the region have been exposed to various kinds of cyberattack. The Jerusalem Post website went down on 9 October 2023, with Anonymous Sudan claiming responsibility. The Palestinian Authority news agency Wafa also experienced a cyberattack on 18 October 2023, as did Al-Jazeera English on 31 October 2023 and Al-Mamlaka TV on 3 November 2023. [36] In November 2023, the group targeted Israeli infrastructure. [37] [38]
In December 2023, Anonymous Sudan launched a DDoS attack on ChatGPT [39] [40] [41] after Tal Broda, a member of OpenAI's leadership, made a social media post dehumanizing Palestinians, calling for more intense bombing in Gaza, and advocating ethnic cleansing. [42] [43]
In January 2024, Anonymous Sudan failed to hack the London Internet Exchange in response to the UK's missile strikes in Yemen. [7] [44]
The group targeted systems at the University of Cambridge and the University of Manchester on 19 February 2024, citing the United Kingdom's support for Israel in the Israel–Hamas War, and targeting these specific universities "because they are the biggest ones" they could find. Disruption was largely over by 20 February though some systems were still affected. [45]
In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. The range of attacks varies widely, spanning from inundating a server with millions of requests to slow its performance, overwhelming a server with a substantial amount of invalid data, to submitting requests with an illegitimate IP address.
Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.
During the Russo-Georgian War, a series of cyberattacks swamped and disabled websites of numerous South Ossetian, Georgian, Russian and Azerbaijani organisations. The attacks were initiated three weeks before the shooting war began.
Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."
Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat (APT) groups, against other countries.
Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, and ICANN-accredited domain registration services. Cloudflare's headquarters are in San Francisco, California. According to The Hill, Cloudflare is used by more than 20 percent of the Internet for its web security services, as of 2022.
Anonymous is a decentralized virtual community. They are commonly referred to as an internet-based collective of hacktivists whose goals, like its organization, are decentralized. Anonymous seeks mass awareness and revolution against what the organization perceives as corrupt entities, while attempting to maintain anonymity. Anonymous has had a hacktivist impact. This is a timeline of activities reported to be carried out by the group.
A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack.
Lizard Squad was a black hat hacking group, mainly known for their claims of distributed denial-of-service (DDoS) attacks primarily to disrupt gaming-related services.
Cyberwarfare is a part of Iran's "soft war" military strategy. Being both a victim and wager of cyberwarfare, Iran is considered an emerging military power in the field.
Lazarus Group is a hacker group made up of an unknown number of individuals, alleged to be run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to the intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and ZINC or Diamond Sleet. According to North Korean defector Kim Kuk-song, the unit is internally known in North Korea as 414 Liaison Office.
On October 21, 2016, three consecutive distributed denial-of-service attacks were launched against the Domain Name System (DNS) provider Dyn. The attack caused major Internet platforms and services to be unavailable to large swathes of users in Europe and North America. The groups Anonymous and New World Hackers claimed responsibility for the attack, but scant evidence was provided.
Cyberwarfare has been a component of the confrontation between Russia and Ukraine since the Revolution of Dignity in 2013-2014. While the first attacks on information systems of private enterprises and state institutions of Ukraine were recorded during mass protests in 2013, the Russian cyberweapon Uroburos had been around since 2005. Russian cyberwarfare continued with the 2015 Ukraine power grid hack at Christmas 2015 and again in 2016, paralysis of the State Treasury of Ukraine in December 2016, a mass hacker supply-chain attack in June 2017 and attacks on Ukrainian government websites in January 2022.
Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.
During the prelude to the 2022 Russian invasion of Ukraine and during the invasion itself, multiple cyberattacks against Ukraine were recorded, as well as some attacks on Russia. The first major cyberattack took place on 14 January 2022, and took down more than a dozen of Ukraine's government websites. According to Ukrainian officials, around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers, and the National Security and Defense Council (NSDC), were attacked. Most of the sites were restored within hours of the attack. On 15 February, another cyberattack took down multiple government and bank services.
Anonymous, a decentralized international activist and hacktivist collective, has conducted numerous cyber-operations against Russia since February 2022 when the 2022 Russian invasion of Ukraine began.
Killnet is a pro-Russia hacker group known for its DoS and DDoS attacks against government institutions and private companies in several countries during the 2022 Russian invasion of Ukraine. The group is thought to have been formed sometime around March 2022.
NoName057(16) is a pro-Russian hacker group that first declared itself in March 2022 and claimed responsibility for cyber-attacks on Ukrainian, American and European government agencies, media, and private companies. It is regarded as an unorganized and free pro-Russian activist group seeking to attract attention in Western countries.