Sudanese Nationals Accused in ‘Anonymous Sudan’ Cyberattacks
Two Sudanese nationals were indicted by US prosecutors for their alleged participation in a group known as “Anonymous Sudan” that conducted cyberattacks against US government agencies, airports and a major hospital in Los Angeles.
The group relied on distributed-denial-of-service attacks, and its DDoS tool was used to launch more than 35,000 such assaults in about one year of operation, Martin Estrada, the US attorney for the Central District of California, said in a press conference on Wednesday.
The group also targeted government and private organizations in the Netherlands, Bahrain, United Arab Emirates, Chad, Israel and the UK. Among the specific targets were Cedars-Sinai Medical Center in Los Angeles, Netflix, Riot Games Inc., Europol, the FBI, the Defense Department and the State Department, according to prosecutors.
The group held a “Sudanese nationalist ideology” and chose targets that were wide-ranging but based on political ideology, Estrada added, describing the defendants as “callous and brazen.”
Ahmed Salah Yousif Omer, 22, was accused of setting up and operating the DDoS attack infrastructure of Anonymous Sudan, in addition to posting messages on Telegram claiming credit for the attacks. Another defendant, Alaa Salah Yusuuf Omer, 27, would provide computer code and programming support, federal prosecutors said.
The defendants are in custody outside of the US and have been interviewed by FBI agents, Estrada said. He declined to provide their location.
If convicted of all charges, Ahmed Salah faces a maximum sentence of life in prison related to the attack on Cedars-Sinai hospital, which endangered patients’ lives, prosecutors said. If he is found guilty, it would be the first cybercrime conviction tied to physical harm in the US, Estrada said.
Bloomberg News previously cited cybersecurity experts who claimed the hacktivist group was a front for a Russian unit. However, prosecutors said that the group is led by Sudan-based individuals “although the group may share ideologies with, and sometimes appears to act in concern with, Killnet and similar hacktivist groups,” according to an FBI agent’s affidavit in support of the case against Ahmed Salah.
Killnet is a pro-Russia DDoS hacktivist group.
Someone claiming to be the spokesperson for Anonymous Sudan on Telegram last year told a Bloomberg reporter that the group had teamed up with Russian hacking groups because “Russia stood with Sudan before that and other than that, these groups helped us greatly and we want to return the favor to them.”
“I attack everything that is hostile to Islam and all countries that are hostile to Islam are hostile to Russia,” the claimed spokesperson said.
Photo: Photographer: Chris Ratcliffe/Bloomberg