“I’ve never seen this!” Volodymyr “Bob” Diachenko, a Ukrainian cybersecurity consultant, knows this environment like the back of his hand. According to him, the mobilization of his peers after the Russian invasion of Ukraine, especially for carrying out computer attacks on Russia, stands in relation to the events that are shaking the country: unprecedented.
Since February 24, the date of the beginning of the invasion of the Russian army, thousands of Internet users, with heterogeneous technical skills, have joined various groups intending to launch a maximum of computer attacks on Russian digital infrastructures .
“Everyone I know is involved on various levels. No one gets lost. It’s so simple now that anyone can use a computer program to attack Russian websites. There are instructions, even on official channels or in the media!”notes Bob Diachenko, on the phone from western Ukraine.
Dissemination of initiatives
This movement begins from the first days of the conflict, when the Ukrainian Ministry of Digital Transition calls on its citizens to join Ukraine’s IT Army. In a single day, 120,000 volunteers joined the Telegram group set up for the occasion. Today there are more than 310,000. The administrators of this group have submitted lists of sites and computer servers to target. These are basic attacks, he says “in paralysis attack”, which consists of artificially multiplying links to a website to make it inaccessible. Banks, delivery services, media or companies participating in the infrastructure of the Russian web: hundreds of targets have been identified.
Some groups also claim to be part of the Anonymous movement, giving a new impetus to this “powerful fantasy” that has been losing ground for a few years. Thus, some accounts close to the current assumed responsibility for piracy of Russian TV channels, which is set to send anti-war messages (an operation impossible to confirm).
Other assemblies of volunteers come from Ukraine’s strong cyber security industry structure. A few months ago, Bohdan Ivashko worked for the video game giant Ubisoft, where he mainly worked with cockfighting in far cry 6. Now employed in a cybersecurity start-up, he has just spent his last weeks building Death by a 1000 needles, a software designed to launch paralysis attacks. The latter has just been adopted by the IT Army of Ukraine group. “I felt guilty in a fairly safe part of Ukraine and I could not sit still while people were being killed,” he remembers today.
Sometimes entire companies get involved, such as Cyber Unit Technology, which launched one bug bounty (“bug bounty”) a little special. System that usually connects hackers and companies – the former hacker the latter for a fee to identify security flaws – it is reversed here: Cyber Unit Technology thus claims to honor hackers who would identify computer errors in Russian companies to use these errors and cyber attacks.
Of course, a Telegram group has been set up where volunteers exchange tips and questions.
Developers from the Lviv region have also spawned an online game, which, when opened on a computer or phone, actually launches attacks on Russian websites. Its creators claim to have made ” to fall “ instead of Rosneft, the oil giant. Another Ukrainian-based company, Hacken, has changed a tool it used to stress test its customers’ websites into software that anyone can download, called Liberator, and designed to automatically attack Russian sites. Of course, a Telegram group has been set up where volunteers exchange tips and questions. asked by The worldclaims one of its developers two thousand daily users.
The risk of eliminating for visible activists
Older hacker groups have also joined the “dance”, such as the Belarusian cyber partisans. This group, whose origins remain unclear and which has fought numerically against the Minsk regime for several months, has claimed that part of the rail traffic in Belarus has been reduced in order to prevent the movement of Russian troops, with Moscow using its neighbor as a rearguard. base for its offensive in Ukraine.
Some attacks go beyond simple paralysis attacks, Bob Diachenko explains:
Another area where our skills are useful is more sophisticated attacks: hacking into email accounts, recovering sensitive data from military or government websites. These are things you would not dare to think about in peacetime, but today I feel it is the right thing to do.
These more advanced offensives are organized more discreetly. A former member of the Ukrainian intelligence services converted to cybersecurity, whom we contacted, refused to answer our questions, citing the risk that the Russians could physically eliminate any activist who was a little too visible.
This proliferation of initiatives is often directly encouraged, even organized, by the Ukrainian government, which in these mercenary pirates finds useful tools to complicate Russian digital life a little more. The Minister of Digital Transformation, Mykhaïlo Fedorov, is the cornerstone of the system: he is the originator of the IT Army of Ukraine. He was also the one who asked the head of Cyber Unit Technologies to form a team of pirates. Moreover, Mr Fedorov acknowledged this without hesitation The world : “We have already carried out about fifty attacks”, he revealed in the first-person plural. In the columns ofHa’aretzhe also suggests that the authorities provide the voluntary lists of places to be attacked.
A noticeable impact
Difficult to assess with certainty the effectiveness of the attacks. A wealth of evidence, however, acknowledges the idea that they had a remarkable impact. Netblocks, an observatory for internet connection, noted, a few days after the first offensives, that access to the sites of the Kremlin, the Russian parliament or the Ministry of Defense was very difficult.
In the long run, Chris Partridge’s measurements confirm the effectiveness of the actions of Ukraine’s IT army. This cybersecurity engineer working for Amazon investigated the matter in his spare time. He has built a tool that checks, for each page that the group of “hacktivists” is targeting, whether it is still available. His measurements show that a good deal of the attacked places were inaccessible in Russia at least for a period.
The Russian ministry has officially offered banks help in combating these offensives
Rostelecom-Solar, a Russian cybersecurity firm, has announced that it has spotted a significant increase in paralysis attacks during the first ten days of March. The Russian ministry has officially offered the banks, which are among the organizations targeted by Ukrainian volunteers, help to combat these offensives. But do they make a real difference in the conflict? “I do not think these attacks are effective from a strategic point of view”admits Bob Diachenko, who prefers to look into them “a kind of cry of anger from the Ukrainian society”.
Participating in these attacks is not without risk. The specialized company Talos recently discovered a program that was supposed to carry out cyber attacks against Russia, which in fact was malware that stole personal information from the person downloading it. So many civilians’ intrusion into the digital side of the war also raises new questions. One of the companies participating in this war effort, Hacken, has e.g. based in Estonia in Tallinn, but most of its employees are currently in Spain, according to the website Political. How can Russia perceive attacks from Western countries with which it is not in open conflict? Some experts fear an escalation in cyberspace.