Germany’s tank support met with Russian cyberattacks


Berlin’s decision to supply Ukraine with Leopard 2 tanks triggered a wave of Russia-based cyberattacks against targets in Germany.

Germany’s decision to send 14 Leopard 2 tanks to Ukraine did not go unnoticed by pro-Russian hackers. The number of cyberattacks against targets in Germany increased by 35% since Chancellor Olaf Scholz agreed to provide German-made tanks.

According to cyber deception firm Lupovis, pro-Russian hacktivists and low-skilled threat actors flooded targets in Germany. Lupovis data comes from its contextual threat intelligence, based on the company’s decoys and sensors deployed around the internet.

While the data shows that attackers are likely less skilled and rely on automated tools to scan the web for vulnerabilities, once they discover vulnerabilities, human operators take over.

According to Xavier Bellekens, CEO of Lupovis, while the attacks come from script-kiddies, a term used to describe low-skilled threat actors, novice attackers can often cause more accidental damage than their more experienced peers.

“This should act as a warning; Russia is once again in retaliation mode, and the threat of attacks targeting Germany has reached boiling point. Organizations and governments in the region must use this as a time to act and work on improving their defenses,” Bellekens said.

After much hesitation, the German government agreed to send a handful of Leopard tanks to Ukraine, finalizing the decision only after the US promised to send Abrams tanks from its inventory.

It is estimated that Germany’s decision will allow other Leopard-owning European nations to supply tank units from their reserves, pushing the total number of Leopard tanks Ukraine should receive to 80.

Ukraine required heavily armored vehicles as the nation anticipated a renewed Russian offensive in the coming weeks. Kyiv likely also prepares an offensive to push Moscow forces out of territories Russia occupied over the last year.

In December, Lupovis researchers noted that Russian threat actors use networks of organizations in countries that support Ukraine to launch cyberattacks.

A Fortune 500 company, dam monitoring system, and organizations in the UK and France had their networks used by malicious Russian actors to launch cyberattacks on Ukraine.

Bellekens said that some low-level cyberattacks, such as distributed denial-of-service (DDoS) attacks create pressure on security teams guarding IT infrastructure. Stress often leads to mistakes, and adversaries anticipate exploiting cracks in the defensive walls.