The US Defense Logistics Agency (DLA) reportedly experienced a data breach, allegedly attributed to the Russian Evilics Group, as disclosed by the threat actor on March 17, 2024. The purported ASSIST cyberattack targeted the website of the DLA’s standardization management arm, although claims have not been independently verified.
ASSIST functions as a critical platform within the Defense Standardization Program (DSP), responsible for coordinating, disseminating, and managing defense and federal standards, as well as related technical documents.
Decoding the Alleged ASSIST Cyberattack Claims
The Cyber Express has reached out to the DLA to learn more about this alleged cyberattack on ASSIST. However, at the time of writing this report, no official statement or response has been received, leaving the claims for the ASSIST cyberattack stand unverified right now.
Moreover, the website claimed by the hackers as the victim seems to be operational at the moment and doesn’t show any immediate signs of the cyberattack. The Russian Evilics Group could have targeted the backend of the website instead of launching a front-end assault like a Distributed Denial-of-Service (DDoS) attack.
Boasting a vast repository of over 115,570 technical documents and 246,183 PDF files, ASSIST is pivotal for maintaining the Department of Defense’s specifications and standards. Managed by the Defense Standardization Program Automation Office (DSPAO), ASSIST offers free access to DSP technical resources and incorporates tools for users to search, generate reports, and receive customized alerts.
Who is the Russian Evilics Group?
The Russian Evilics Group, a recently emerged pro-Russian hacktivist faction, made its public debut on the dark web in March 2024. Their manifesto emphasizes a commitment to safeguarding Russian interests in the digital realm, combating threats both foreign and domestic.
In their own words, the group sees itself as explorers, defenders, and creators in the vast domain of cyberspace. “Dear friends, we have been doing our own thing for a long time, and we are finally going out into the open! We are a team from Russia, united by a passion for our vast country. Our goal is to protect the interests of the Russian Federation in cyberspace, both from external and internal threats. We explore, we protect, we create”, reads the threat actor’s introductory post.
The Russian Evilics Group’s infiltration of the DLA’s website raises concerns about the security vulnerabilities within critical government infrastructure. The threat actor, in the dark web post, says, “Our group compromised a website belonging to the US Defense Logistics Agency. We have access to many documents of levels A, B, C, D, E, F. We will definitely reveal the characteristics and vulnerable points of any military unit in Ukraine!”.
This is an unverified and ongoing story. The Cyber Express will be closely monitoring the situation and we’ll update this post once we have more information on the ASSIST cyberattack or any official confirmation from the US Defense Logistics Agency (DLA).
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.