-
Ukraine’s IT army claims to have launched thousands of attacks on Russian organizations.
-
The group, formed shortly after Russia’s invasion of Ukraine, has members from all over the world.
-
Experts told BI that there are risks in placing so much responsibility in civilian hands.
Shortly after Russia launched its full-scale invasion of UkraineThe Ukrainian government has issued a call to technology experts around the world to use their skills in the fight against the invading nation.
“We are creating an IT army. We need digital talent,” said Mykhailo Fedorov, then deputy prime minister of Ukraine. wrote on X at the time.
Eager volunteers quickly responded to the call, and within a month the group’s Telegram channel had nearly 300,000 subscribers.
As the number of members increased, so did the activity of the IT army and, by the end of May, the group had released around 2,000 cyberattacks on Russian organizations, Ukraine’s Ministry of Digital Transformation said on Telegram.
A spokesperson for the group, who goes by the name Ted, told Business Insider that “they currently see tens of thousands of devices and possibly thousands of people behind them.”
“Although we experience a steady decline in subscriber numbers [to the army’s Telegram channel]the number of active devices involved is growing,” Ted added.
While the exact location of the participants is unknown, the military has international reach, Ted said.
The IT Army website provides detailed resources explaining in Ukrainian and English how volunteers can help, with guides on how to install the “IT Army Kit”, which contains the tools needed to conduct cyber attacks.
Volunteers can even use the toolkit to configure attacks to run in the background, preventing tasks from interrupting their daily activities.
Leaderboard statistics are also published to help gamify the process, increasing engagement and promoting competition among users.
Russian organizations are vulnerable to cyber warfare, experts say
Russian organizations are particularly susceptible to DDoS (distributed denial of service) attacks – which is an effort to overload a website or network.
In the West, there are a number of services that help protect businesses against DDoS attacks, Alan Woodward, professor at the University of Surrey’s Surrey Center for Cyber Security, told BI.
In Russia, however, “they have the expertise, but not necessarily the service providers, who sit at the helm of organizations to detect and deflect DDoS attacks,” Woodward added.
In June, the IT army said it had launched a major DDoS attack against Russian banks, including VTB, Gazprombank, Sberbank and several others, as well as the country’s Mir payments system – the Russian equivalent of Visa or Mastercard.
Woodward said the incident “certainly left the impression that the group is capable of carrying out significant attacks.”
The IT army and other hacktivist groups have also managed to target Russian media outlets.
In June 2023, Russian state TV and other channels were targeted by hackerswith a video broadcast in Ukrainian warning viewers: “The time for reckoning has come.”
Cyberattacks like these play a “very important role” in Ukraine’s cyber defense, Stefan Soesanto, a senior researcher at the Center for Security Studies at ETH Zurich, told BI.
“While most of their DDoS efforts cause only short-term disruptions, they are persistent when it comes to specific Russian companies and platforms,” he said. “They will attack you again and again.”
Roskomnadzor, Russia’s federal censorship agency, said it repelled almost three times as many DDoS attacks in the first quarter of 2024 as in all of 2023, Russian news website Kommersant reported.
Such attacks could also help “support the defensive movements of the Ukrainian army,” said Vasileios Karagiannopoulos, associate professor of cybercrime and cybersecurity at the University of Portsmouth.
They can “help combat disinformation efforts and make things easier on the cyberespionage level,” he said.
“It also helps to symbolically generate an image of vulnerability that can impact the morale of opponents and, respectively, increase the morale of Ukrainian troops and citizens,” Karagiannopoulos added.
The Ukrainian government may want to keep its distance from the group
The IT army has an internal team, which some specialists to believe it was taken over by the Ukrainian intelligence service and the country’s Ministry of Defense.
“The IT Army is managed by the SBU and the Ukrainian Ministry of Defense,” Soesanto said, adding that they receive support from the Ukrainian Ministry of Digital Transformation.
“The volunteers who participate in the IT Army today do not know which sites, IP addresses and services are DDoSed [attacking],” he said, adding that everything was “centralized, with a handful of people making the targeting decisions.”
Ted told BI that “the MoD does not run the IT army, but there is collaboration to ensure efforts are synchronized.”
The Ukrainian Ministry of Defense did not respond to a request for comment from BI on the nature of its relationship with the IT army.
The Ukrainian government likely wants to keep the group “at arm’s length,” Woodward said.
“Or at least organize matters so that there is plausible deniability on the part of the Ukrainian government if an attack results in undesirable, albeit unintended, consequences,” he added.
One of the main risks of the force, Karagiannopoulos said, is that sometimes “volunteers may not follow instructions” and “organize their own attacks,” potentially impacting people “in different countries and networks.”
It is also unclear “whether these individuals could be targeted by the Russian military as combatants when they are considered to be directly participating in hostilities,” he added.
However, the IT army is “first in the world,” continued Karagiannopoulos. “We received an explicit appeal from government officials for people to join,” but these hackers are not formally part of the Ukrainian military.
This will set a precedent for future conflicts as cyber warfare becomes more common, he added.
Read the original article at Business Insider
/cdn.vox-cdn.com/uploads/chorus_asset/file/25334828/STK466_ELECTION_2024_CVirginia_F.jpg?w=300&resize=300,300&ssl=1 "Trump campaign allegedly hacked by Iranian government")
