Critical Libwebp Vulnerability (CVE-2023-5129)
Finland's Security and Intelligence Service SUPO has warned of the deterioration of relations between Finland and Russia due to Ukraine, sanctions, and NATO. While the agency does not believe that crippling attacks on critical infrastructure are likely in the near future, it has seen an increase in attacks on such targets. The energy sector was identified specifically as one such industry under increased attack.
Following the release of SUPO's new report, several pro-Russian hacktivist groups have openly stated their intent to carry out an attack on Finnish infrastructure. Thus far, NoName057(16), KillNet, Legion Team, Rubit, User Sec, and others have been observed making such statements. Attacks by such groups are likely to take the form of DDoS, which could render targeted domains or services temporarily unavailable. We have included in our links some of the more recent advice on mitigating DDoS attacks for your review.
It is also worth considering what the future of DDoS attacks could look like: Google, Cloudflare, and AWS recently published blog posts on a new development in this area. We have included a link to Google's report here as well.
Risk: DDoS attack
- Assessment: high confidence that there is a heightened risk of DDoS attacks being weaponized in an attempt to cause disturbance in society at large.
Nixu Threat Intelligence