As Russia tightens its grip over Ukraine, the world watches. All are asking what tragic news will come next. But not everyone only watches. While most wait, many fight. Some for money, others for patriotism, and many more under the orders of armies. A war that has split the world has also split the world’s hackers. A bank, the navy, and the Kremlin have been visible targets in this battle of bullets and propaganda. We are going to unravel the forces seeking to fight Russia on the battlefield of the 21st century: cyberspace, where hackers are targeting Russia with malware and DDoS attacks.
Let’s start with the first shot fired over the wire.
Which hackers are targeting Russia?
All wars are the result of many small things. But when looking back, we can look at one event as a symbol of the moment when everything changed. A crossing of the liminal space between peace and… well, now. The Ukraine war crossed its own Rubicon when the border was stormed by Russian forces. But the cyber war was a different story. Moments like Petya and NotPetya hinted at the destruction to come, but the real cyber war began when Mykhailo Fedorov called for an army to rise. Fedorov is the vice prime minister of Ukraine. In 2022, he called for devs and IT types to unite in the fight against Russia.
The force he gathered is now known as the IT Army of Ukraine. The acts of this group vary wildly. Many around the world just sign up for hVpn and launch a premade DDoS script against Russian sites. Higher-ups plan targets for the normies to hit using the script. All in all, it’s disorganized and simple.
What are we looking at?
Of course, what should we expect from a country clinging to life? Yet this simple tactic proves a source of big wins:
- IT Army took down comms systems for enemy combat systems.
- Attacks against state-owned Russian banks.
- Helping new cyber warriors get into the online fight.
- OSINT for boots on the ground.
In other words, they’ve used simple tech and good numbers to launch attacks that don’t require much fancy tech. Of course, the IT Army only does the simplest ops. To learn about the hottest hacks, we have to dive deeper.
In general, hacking groups align with the countries they reside in. Chinese and Russian groups side with Russia. Western groups side with NATO and Ukraine. This just shows us that hacking groups are not as free and independent from national governments as most people believe. Perhaps the most impact has come from the new rise of Anonymous.
Most of the “anons” who help Ukraine are not part of the broader Anonymous hacker movement of the days of yore. Rather, this new breed of hackers is mostly middle-aged tech workers. These men and women help write malware and tools, eager to fight in the war they only know from media reports.
So what have they done? How has the new version of Anonymous harmed Russia? First, they wreaked havoc on Russian money lenders within days of the invasion. And since then, their role in the conflict has only grown. Most notably, Russia accused Anon of taking down the site of the Ministry of Defense.
Yet an air of conspiracy has shrouded Anonymous during the Ukraine war. Since the start, Russia has accused Western states of launching attacks and claiming everyday people did it. Few if any can pierce the veil of propaganda from both sides. Normal people don’t have much access to direct info, so we have to look through the lies and figure out for ourselves what’s going on.
So what do we see?
What we can see: Ukraine, the EU, and the US encourage Anons to attack Russian infra and military targets. Real people are doing this, not just state puppets. But it’s not clear how much the state controls their ops. Due to the fog of war, it’s not even clear who is behind some attacks. Anon is blamed for knocking down banks and Russian gov websites early on, but they often take credit for attacks. The true hackers hide behind a mask of anonymity, while the bigger Anon org lets them use the name “anonymous”.
The role of Anon appears similar to what happened during America’s war on ISIS. Normal people worked with the CIA to target enemies of the state. This is a far cry from the old days of Anon, when they themselves were enemies of the gov. Thus, the public questions how genuine these “anon” attacks are.
State actors: Government hackers are targeting Russia!
Despite the fiery speeches, most states have done little (if anything!) to decisively end the war. Like in the Cold War, the heads of state all seem to know that they have to argue without a real head-on fight. Since this is a war, most readers are worried about attacks from actual states: hacks on nuclear facilities, army bases, or other targets that we can interpret as a real act of war. Things will really change for the worse if hackers are targeting Russia with direct state or military support. But NATO remains on the sidelines, averting global war. Both Biden and Putin promise to make things worse if the other side crosses a line, yet neither seems to want it in real life.
NATO’s current cyber tactic mostly involves making its own networks stronger. Leaders work with top companies to protect key assets that the nation needs. Which is a good thing even if there were no war! The same is true for Russia’s approach. Defense is the priority. The offense is left to amateur hackers and affinity groups, whose true motives are harder to unravel. Due to ideology, these hackers would rather help their country’s interests than make quick cash with bug bounties.
Russia puts a lot of work into blaming attacks on the West. But I hope this guide gives you a better idea of what’s really going on. Cyber warfare remains in its infancy, but we’re seeing the start of a new way to fight. Some orgs, such as code !guns, are even advising third world govs on building peace using tech, instead of just accruing cyber weapons. Hopefully, our leaders will make peace before we suffer the effects of a true cyber war.