It is more than a paramilitary force for cyberattack in Europe’s first major war of this age. It is vital to information combat and crowdsourcing intelligence.
“We are really a swarm. Roman Zakharov (37-year-old IT executive in the middle of Ukraine’s digital army bootstrap) described it as a self-organizing swarm.
The inventions of volunteer hackers include software tools that allow smartphone and computer owners to participate in distributed denials-of-service attacks against official Russian websites. Bots on Telegram messenger platform block disinformation and let people report Russian troop locations. They also offer basic first aid instructions and instructions for assembling Molotov cocktails.
Before joining Ukraine’s digital defense corps, Zahkarov worked as a researcher at an automation startup. His group is StandForUkraine. He said that the group includes software engineers, marketing managers and graphic designers, as well as online ad buyers.
This movement is global and draws on IT professionals from the Ukrainian diaspora, whose work includes web defacements that include antiwar messaging and graphic images showing death and destruction in order to mobilize Russians against the invasion.
Zakharov stated that both our nations are afraid of one man — Russian President Vladimir Putin. He’s out of his head.” Zakharov said that volunteers reach out to Russians person-to-person with emails, text messages and phone calls. They also send video and photos of the dead soldiers of the invading force via virtual call centers.
Some create websites. Such as a site where Russian mothers can view (photos) captured Russian men to find their sons,” Zakharov stated by phone from Kyiv.
It is hard to assess the effectiveness of cyber volunteers. The Russian government websites were repeatedly taken offline by DDoS attacks. However, they have generally survived them with countermeasures.
Freelancers who work in solidarity with Ukrainian hackers, but independently, are causing a lot of disruption.
A tool called “Liberator”, allows anyone with a digital device to join a DDoS attack group, or botnet. As priorities change, the programmers of the tool code new targets.
Is it legal? Analysts claim it is illegal and violates international cyber norms. Its Estonian developers claim that they acted in coordination with the Ministry of Digital Transformation of Ukraine.
Victor Zhora, a top Ukrainian cybersecurity official, said at Friday’s first online news conference that only homegrown volunteers are attacking what they consider military targets. He included the financial sector and Kremlin controlled media as well as railways. He didn’t discuss specific targets.
Zakharov did. He stated that Russia’s banking sector was protected against attack, but that certain telecommunications networks were vulnerable and some rail services were not. He claimed that Ukrainian-organized cyberattacks had temporarily interrupted rail ticket sales in western Russia’s Rostov and Voronezh, and disrupted telephone service in eastern Ukraine under Russian-backed separatists. These claims were not independently verified.
Cyber Partisans, a group of hackers from Belarus, disrupted rail service in neighboring Belarus last week to stop transiting Russian troops. According to a spokeswoman, electronic ticket sales are still down because of the malware attack that froze IT servers at railway stations.
Mykhailo Fedorov (Ukraine’s minister for digital transformation), , announced that a volunteer cyber army was being created over the weekend. Telegram now has 290,000 followers for the IT Army of Ukraine.
Zhora, the deputy chair of state special communications, stated that one of the jobs of Ukrainian volunteers was to get intelligence that could be used to attack Russian military installations.
Some cybersecurity experts expressed concern that asking for help from freelancers who are not in compliance with cyber norms could lead to dangerous escalatory results. Dmitry Rogozin (director general of Roscosmos’ Russian space agency) claimed that hackers had hacked Russian satellites. However, Interfax reported that Rogozin said such an attack would be considered a war crime.
When Zhora was asked if he supported the type of hostile hacking that is being carried out under the Anonymous hacktivist brand, which anyone can claim, Zhora replied, “We don’t welcome any illegal activity within cyberspace.”
He added that “But the world ordered changed on the 24th February” when Russia invaded.
In coordination with the Ukrainian Defense Ministry, Yegor Aushev, a civilian cybersecurity executive, created a group called Ukrainian Cyber Volunteers to spur the overall effort. Aushev stated that it has more than 1,000 volunteers.
Zhora stated that most of Ukraine’s internet and telecommunications were operational on Friday, despite the outages caused by Russian forces. Zhora reported on 10 hostile hijackings at local government websites in Ukraine, spreading false propaganda that the government of Ukraine had surrendered.
Zhora stated that believed Russian hackers tried to spread destructive malware through targeted email attacks against Ukrainian officials and — in his view — to infect individual citizens’ devices using a new tactic. In the days leading up to the invasion, three instances of such malware were found.
Since before the invasion, U.S. Cyber Command has been supporting Ukraine. Ukraine doesn’t have a dedicated cyber unit. It had one when Russia attacked.
Zhora predicts an increase in Russia’s cyber aggression. Experts believe that much worse is yet to come.
Despite this, donations continue to come in from the international IT community. Zakharov said that NameCheap donated domains to the Internet, while Amazon generously provided cloud services.