Hacktivists Stoke Pandemonium Amid Russia’s War in Ukraine

“We continue to help Ukrainians in their fight against Russian occupation forces,” the group said tweeted on Sunday. “The Railways is under attack. … Manual control mode is enabled, which will slow down the movement of trains but will NOT create emergency situations. It will NOT endanger ordinary citizens! ”

Cyber ​​Partisans spokesperson Yuliana Shemetovets told WIRED that the group has grown in recent weeks. “Five new people, Belarusians, joined the group since the war started,” she said. “More are on the list to be verified.”

Meanwhile, the Conti and CoomingProject ransomware groups announced their allegiance to Russia last week. Soon after, more than 60,000 of Conti’s internal messages leaked, along with the message “Glory to Ukraine!” The trove, presumably leaked by Conti affiliates, reveals details about how the group is organized and how it operates. On Wednesday, Conti seemed to be dismantling its infrastructureevidence of the impacts hacktivism can have, regardless of whether such protests directly shape the course of the war.

Hacktivists aren’t the only ones leaking data left and right. On Tuesday, the Ukrainian newspaper Pravda published a trove of personal data allegedly identifying roughly 120,000 Russian soldiers deployed in Ukraine. And Ukraine’s IT Army has been working to employ some hacktivist techniques in a more organized and strategic way.

“DDoS is all well and good, but it’s a blunt instrument,” an IT Army participant who goes by the handle “November” tells WIRED. “We wish to be more precise, carefully selecting our targets and avoiding any collateral damage to the livelihood. and well-being of the Russian citizenry. Our primary concern is in countering Russian disinformation on conflict, by any means possible, and providing quality open-sourced intelligence in an effort to preserve Ukrainian lives. ”

In a situation like the invasion of Ukraine, hacktivism could do more harm than good. Some researchers note that a worst-case scenario of hacktivism would be an incident or series of attacks that inadvertently escalates a conflict or is used as a pretext for escalation by one side or the other.

Additionally, by calling attention to the cybersecurity shortcomings of high-sensitivity networks and digital platforms, hacktivists could inadvertently expose friendly intelligence forces already lurking there.

“Hacktivism by its very nature is always loud, and intelligence by its nature is usually quiet,” says incident responder and former NSA hacker Jake Williams. “Well-meaning hacktivists being loud may unwittingly lead security forces to intelligence operation that may have been ongoing in that network and flying under the radar. So they’re essentially outed and lose access because of an investigation into a hacktivist attack. ”

Some hacking tools used by that intelligence force may also be exposed in such a situation, rendering them less useful.

Williams adds that when spies lose access to information they want or need during a combat situation, they are forced to try to reestablish that access however they can. To get the job done quickly, individuals may take greater risks of exposing themselves or use hacking tools that could later be exposed.

“When there are boots on the ground, when there are bullets flying, it absolutely changes the calculus on whether hacktivism is a net positive,” he says. “All that said, if I were Ukrainian I would probably be hacking the hell out of Russian stuff, and I could care less about the West’s long-term intelligence capability.”

More Great WIRED Stories

Source link