A Dutch server that was used in a cyberattack on Ukrainian banks and ministries has been disconnected at the request of the police. Two Dutch companies that were co-hosting the server confirm this to BNR. One of those companies, SKB Enterprise, has also previously made it easier to mask the far-right on the left.
The DDoS attack on the Ukrainian authorities on Tuesday was carried out via a server of that company. According to Ukraine, this was the largest cyber attack on the country ever. Previously, that company co-hosted the minister on links that terrified “left” people, according to research by BNR.
Nu.nl wrote at the time that in 2020 and 2021, this far-right organization had “unmasked politicians, scientists and educators, among other things, by publishing their addresses and contact details online”. People were also intimidated at the door. The Vizier op Links website was run from the servers of the Dutch company SKB Enterprise, whose office is in Amsterdam. BNR visited the company for a listen, but was told on the site that it was letterbox.
According to cybersecurity expert Ricky Jeffers, the Amsterdam tech company has a questionable past: “SKB Enterprise has previously been involved in controversial and malicious websites. For example, I hosted a website for a far-right organization. Phishing sites were also run from SKB Enterprise servers. Nu.nl wrote that after the company faced the fact that the Vizier op Links website was connected via SKB Enterprise servers, the company turned off the servers.
Read also | The cyber attack on Ukraine took place through the Amsterdam server
BNR previously discovered that part of the DDoS attack that plagued Ukraine on Tuesday was passing through the Netherlands.
The attack was very similar to a so-called DNS amplification DDoS attack, as cybersecurity expert Gevers says: “The attackers are misusing servers located in the Netherlands. So from the victims’ perspective, a lot of internet traffic comes from the Netherlands.
At the request of the police, SKB Enterprise and Spectra BV, the company that supplied the network to SKB, took the server they were using offline. I got an email from the police on Wednesday afternoon asking me to shut down the server. I did it right away,” the owner of SKB Enterprise told BNR. He did not want to share who rented the server in question from. He noted that the police had not yet requested the server data with which the cyber attack on Ukraine was carried out. The police have not yet been able to confirm the story. “Right now, it makes a lot of sense to think that the attack is coming from Russia,” Jeffers says, although that could change as well: “But with additional information this picture could change.”
Jeffers says it’s not unusual for this Dutch company to have carried out a cyberattack on Ukraine, and previously provided shelter to the far-right online group. With these types of hosting companies, you have a fairly minimal amount of server rental. Then you can, for example, rent relatively anonymously and inexpensively. This makes this kind of practice possible,” said the cybersecurity expert.
Devoted music ninja. Zombie practitioner. Pop culture aficionado. Webaholic. Communicator. Internet nerd. Certified alcohol maven. Tv buff.