PenguinSecurity group becomes active on OpTurkey in addition to activity in Russia
Target: Sites relating to the Turkish government as well as Russian sites
Attack Vector: DDoS attacks, website defacement
Threat Actor: @PenguinSecurity
Summary: A previously unknown hacktivist group, @PenguinSecurity, previously known as @ThePenguinsPlace have been involved in operations relating to Russia and Turkey and has carried out defacements of websites in both nations. Their attacks against Russia were particularly concerning as they occurred during the increased tensions between the UK and Moscow as a result of the Sergei Skripal poisoning incident. It was believed that Moscow might consider the group a western state sponsored entity but since then, they have taken part in @Anonymous affiliated activity under #OpTurkey.
Risk assessment summary: The threat is assessed as 3d MODERATE. While PenguinSecurity is a relatively new group, making it more difficult to assess the threat they may present, the fact they have emerged during a period of heightened international tensions means it is prudent to closely monitor their activity. They appear to be effective at carrying out both defacement and DDoS attacks which indicate’s enough technical capability to present a plausible threat to targeted organisations. The risk is raised further when their actions are put into the context of the current political situation, with Russia particular likely to consider “new” hacktivist groups with a great deal of suspicion which could lead to a retaliatory response.