Desk Report
Publish: 28 Feb 2022, 11:07 pm
Representational Image || Photo: Collected
Cyber conflicts are fought in the shadows, but in the case of Russia’s invasion of Ukraine, it is a group that calls itself Anonymous that has made the most public declaration of war. Late on Thursday, the hacker collective tweeted from an account linked to Anonymous, @YourAnonOne, that it had Vladimir Putin’s regime in its sights.
In the days since, the group has claimed credit for several cyber incidents including distributed denial of service attacks – where a site is rendered unreachable by being bombarded with traffic – that have brought down government websites and that of Russia Today, the state-backed news service. The DDoS attacks still appeared to be working on Sunday afternoon, with the official sites for the Kremlin and Ministry of Defence still inaccessible.
Anonymous also said it had hacked the Ministry of Defence database, while on Sunday it was claimed the group had hacked Russian state TV channels, posting pro-Ukraine content including patriotic songs and images from the invasion.
The group’s nature
as an informal collective makes it difficult to attribute these attacks to
Anonymous definitively. Jamie Collier, a consultant at US cybersecurity firm
Mandiant, said: “It can be difficult to directly tie this activity to
Anonymous, as targeted entities will likely be reluctant to publish related
technical data. However, the Anonymous collective has a track record of
conducting this sort of activity and it is very much in line with their
capabilities.”
Its targets in the
past have included the CIA, the Church of Scientology, and the Islamic State, and
although the collective was left reeling by a number of arrests in the US in
the early 2010s, it revived activity after the murder of George Floyd. One
former Anonymous member has described its guiding principle as
“anti-oppression”.
Russia Today openly
attributed the problems with its website to Anonymous, and claimed the attacks
came from the US after the group had published its “declaration of war”. A
spokesperson for the channel said: “After the statement by Anonymous, RT’s
websites became the subject of massive DDoS attacks from some 100 million devices,
mostly based in the US.”
By contrast, cyber
activity against Ukraine has been muted so far, despite widespread predictions
that a Russian military assault on the country would be combined with digital
shock and awe. Ukrainian websites were hit with DDoS attacks ahead of the
offensive, including the Ukrainian defense ministry and PrivatBank, Ukraine’s
largest commercial bank, but there has been nothing on the scale of the
NotPetya assault in 2017 – when a devastating malware attack attributed to
Russia destroyed computers in Ukraine and around the world. Cloudflare, a US
tech firm that protects companies against DDoS attacks, described the initial
denial of service sorties last week as “relatively modest”. The UK and US
governments have already blamed an earlier set of DDoS attacks against
Ukrainian websites, on 15 and 16 February, on Moscow.
As with the attacks
claimed by Anonymous, DDoS salvos are designed to sow confusion and damage
morale, whereas malware can cause serious and irreparable damage. NotPetya, a
so-called wiper virus that was inserted into tax accounting software used by
Ukrainian firms but spilled into other countries, caused $10bn (£7.5bn) of damage
worldwide by encrypting computers permanently.
Last week Ukraine
was hit by an attempted wiper attack, via a new strain of malware dubbed
HermeticWiper that prevented computers from rebooting. However, the scale of
the attack left only several hundred machines affected and its geographic reach
beyond Ukraine has been limited to Latvia and Lithuania.
There have been
cyber skirmishes elsewhere in the conflict. Partial restrictions have been
imposed on Facebook by the Russian government after officials accused the
social network of censoring state-backed media on the platform, prompting
Facebook to ban ads from Russian state media. Google’s YouTube platform has
also banned state media adverts. Another US tech titan, Elon Musk, is providing
satellite internet access to Ukraine via his Starlink satellites, while the
Ukrainian government is openly seeking international donations in
cryptocurrency and has reportedly received millions of dollars in response.
Nonetheless, the
cyber dimension to the Ukraine conflict has been low-key up to this point.
Ciaran Martin, professor of practice at the Blavatnik School of Government at
Oxford University and former head of the UK’s National Cyber Security Centre,
says cyber has played “remarkably little part” in the conflict, at least so
far.
“The cyber activity
from Russia against Ukraine has been there but is consistent with Russia’s
cyber harassment of the country going back years. Similarly, from what we can
see, the response against Russia from the west has not had a strong cyber
component so far – it has been about stringent sanctions. All of this might
change, and the west is right to remain on high alert for increased cyber
activity.”
Subscribe Shampratik Deshkal Youtube Channel
© 2024 Shampratik Deshkal All Rights Reserved. Design & Developed By Root Soft Bangladesh