Formed in a fury to counter Russia’s blitzkrieg, Ukraine’s volunteer ‘hacker’ corps of hundreds of volunteers is more than a paramilitary cyberattack force in Europe’s first major war. internet age. It is crucial for information warfare and intelligence crowdsourcing.
“We really are a swarm. A self-organizing swarm,” said Roman Zakharov, a 37-year-old IT manager at Ukraine’s Digital Boot Army Center.
His group’s inventions run off of software that allows anyone on the planet with a smartphone or computer to participate in distributed denial-of-service attacks from official Russian websites to bots on the platform. -form of Telegram messaging that block misinformation, allow people to report the location of Russian troops and offer directions. on assembling Molotov cocktails and basic first aid.
Zahkarov conducted research at an automation startup before joining Ukraine’s Digital Self-Defense Corps. His band is StandForUkraine. Its ranks include software engineers, marketing managers, graphic designers and online ad buyers, he said.
The movement is global, drawing on Ukrainian diaspora IT professionals whose work includes web defacements with anti-war messages and graphic images of death and destruction in hopes of mobilizing Russians against the invasion.
“Our two nations are afraid of one man – (Russian President Vladimir) Putin,” Zakharov said. “He’s just crazy.” Volunteers contact Russians person-to-person with phone calls, emails and text messages. They send videos and photos of dead invading force soldiers from virtual call centers.
Some create websites. “We have created a site where Russian mothers can browse (photos) of captured Russian guys to find their sons,” Zakharov said by phone from Ukraine’s capital Kyiv.
The effectiveness of the volunteer cyber army is difficult to measure. Russian government websites have been repeatedly taken offline, even briefly, by DDoS attacks, but have generally overcome them with countermeasures.
It’s impossible to say how much of the disruption – including the most damaging hacks – is caused by freelancers working independently but in solidarity with Ukrainian hackers.
A tool developed by Zakharov’s team called “Liberator” allows anyone in the world with a digital device to become part of a DDoS attack network, or botnet. The tool’s programmers code new targets as priorities change.
A senior Ukrainian cybersecurity official, Victor Zhora, said in his first online press conference of the war on Friday that local volunteers only attack what they consider to be military targets, prioritizing government services. , including the financial sector, the Kremlin-controlled media and the railways. He didn’t talk about specific goals.
Zakharov did. He said Russia’s banking sector was well-fortified against attacks, but some telecommunications networks and rail services were not. He said cyberattacks staged by Ukraine briefly disrupted train ticket sales in western Russia around Rostov and Voronezh and disrupted phone service for some time in the eastern region of Russia. Ukraine controlled by Russian-backed separatists since 2014. The claims could not be independently confirmed.
A group of Belarusian hacktivists calling themselves the Cyberpartisan also apparently disrupted rail service in neighboring Belarus this week, seeking to frustrate transiting Russian troops. A spokeswoman said Friday that e-ticket sales were still down after their malware attack froze the railways’ computer servers.
Over the weekend, Ukraine’s Digital Transformation Minister Mykhailo Fedorov endorsed a group of volunteers calling themselves the IT Army of Ukraine, which now has 290,000 subscribers on Telegram.
Zhora, vice president of the special state communications service, said one of the tasks of Ukrainian volunteers is to obtain intelligence that can be used to attack Russian military systems.
Some cybersecurity experts have expressed concern that enlisting the help of freelancers could have dangerous escalating consequences. A shadowy group claimed to have hacked into Russian satellites; Dmitry Rogozin, director general of the Russian space agency Roscosmos, called the claim false, but was also quoted by the Interfax news agency as saying that such a cyberattack would be considered an act of war.
When asked if he approved of the type of hostile hacking carried out under the umbrella of the Anonymous hacktivist brand – which anyone can claim – Zhora replied: “We do not welcome any illegal activity in cyberspace.”
“But the world order changed on February 24,” he added, when Russia invaded.
The overall effort was spurred by the creation of a group called the Ukrainian Cybervolunteers by a civilian cybersecurity official, Yegor Aushev, in coordination with the Ukrainian Ministry of Defense. Aushev said he had more than 1,000 volunteers. Zakharov said his group had 900 members.
As of Friday, most telecommunications and internet in Ukraine were fully operational despite blackouts in areas captured by invading Russian forces, Zhora said. He reported about 10 hostile hijackings of local government websites in Ukraine to spread false propaganda saying the Ukrainian government had capitulated.
Zhora said suspected Russian hackers continue to try to spread destructive malware in targeted email attacks against Ukrainian officials and – in what he sees as a new tactic – infect people’s devices. individual citizens. Three instances of this malware were discovered while preparing for the invasion.
US Cyber Command assists Ukraine long before the invasion. Ukraine does not have a dedicated military cyber unit. He was standing when Russia attacked.
Zhora anticipates an escalation in Russia’s cyberaggression – many experts believe much worse is yet to come.
Meanwhile, donations from the global computing community continue to pour in. A few examples: NameCheap has donated internet domains while Amazon offers cloud services, Zakharov said.
He said he has international collaborators he calls the “golden team” – elite hackers and entrepreneurs so successful they don’t need to work for just one employer.
“Even Google can’t afford these people.”