Ukraine digital army brews cyberattacks, intel and infowar

Mar 4, 2022, 10:02 AM | Updated: 10:58 pm

BOSTON (AP) — Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence .

“We are really a swarm. A self-organizing swarm,” said Roman Zakharov, a 37-year-old IT executive at the center of Ukraine’s bootstrap digital army.

Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.

Zahkarov ran research at an automation startup before joining Ukraine’s digital self-defense corps. His group is StandForUkraine. Its ranks include software engineers, marketing managers, graphic designers and online ad buyers, he said.

The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.

“Both our nations are scared of a single man — (Russian President Vladimir) Putin,” said Zakharov. “He’s just out of his mind.” Volunteers reach out person-to-person to Russians with phone calls, emails and text messages, he said, and send videos and pictures of dead soldiers from the invading force from virtual call centers.

Some build websites, such as a “site where Russian mothers can look through (photos of) captured Russian guys to find their sons,” Zakharov said by phone from Kyiv, the Ukrainian capital.

The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.

It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.

A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.

But is it legal? Some analysts say it violates international cyber norms. Its Estonian developers say they acted “in coordination with the Ministry of Digital Transformation” of Ukraine.

A top Ukrainian cybersecurity official, Victor Zhora, insisted at his first online news conference of the war Friday that homegrown volunteers were attacking only what they deem military targets, in which he included the financial sector, Kremlin-controlled media and railways. He did not discuss specific targets.

Zakharov did. He said Russia’s banking sector was well fortified against attack but that some telecommunications networks and rail services were not. He said Ukrainian-organized cyberattacks had briefly interrupted rail ticket sales in western Russia around Rostov and Voronezh and knocked out telephone service for a time in the region of eastern Ukraine controlled by Russian-backed separatists since 2014. The claims could not be independently confirmed.

A group of Belarusian hacktivists calling themselves the Cyber Partisans also apparently disrupted rail service in neighboring Belarus this week seeking to frustrate transiting Russian troops. A spokeswoman said Friday that electronic ticket sales were still down after their malware attack froze up railway IT servers.

Over the weekend, Ukraine’s minister of digital transformation, Mykhailo Fedorov, announced the creation of an volunteer cyber army. The IT Army of Ukraine now counts 290,000 followers on Telegram.

Zhora, deputy chair of the state special communications service, said one job of Ukrainian volunteers is to obtain intelligence that can be used to attack Russian military systems.

Some cybersecurity experts have expressed concern that soliciting help from freelancers who violate cyber norms could have dangerous escalatory consequences. One shadowy group claimed to have hacked Russian satellites; Dmitry Rogozin, the director general of Russia’s space agency Roscosmos, called the claim false but was also quoted by the Interfax news agency as saying such a cyberattack would be considered an act of war.

Asked if he endorsed the kind of hostile hacking being done under the umbrella of the Anonymous hacktivist brand — which anyone can claim — Zhora said, “We do not welcome any illegal activity in cyberspace.”

“But the world order changed on the 24th of February,” he added, when Russia invaded.

The overall effort was spurred by the creation of a group called the Ukrainian Cyber Volunteers by a civilian cybersecurity executive, Yegor Aushev, in coordination with Ukraine’s Defense Ministry. Aushev said it numbers more than 1,000 volunteers.

On Friday, most of Ukraine’s telecommunications and internet were fully operational despite outages in areas captured by invading Russian forces, said Zhora. He reported about 10 hostile hijackings of local government websites in Ukraine to spread false propaganda saying Ukraine’s government had capitulated.

Zhora said presumed Russian hackers continued trying to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — to infect the devices of individual citizens. Three instances of such malware were discovered in the runup to the invasion.

U.S. Cyber Command has been assisting Ukraine since well before the invasion. Ukraine does not have a dedicated military cyber unit. It was standing one up when Russia attacked.

Zhora anticipates an escalation in Russia’s cyber aggression — many experts believe far worse is yet to come.

Meantime, donations from the global IT community continue to pour in. A few examples: NameCheap has donated internet domains while Amazon has been generous with cloud services, said Zakharov.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


Associated Press

Economists: Current measures won’t meet German energy goals

BERLIN (AP) — Germany won’t achieve its targets for phasing out fossil fuels and ramping up renewable energy by 2030 with the measures currently in place, according to a think tank report released Wednesday. The respected German Institute for Economic Research, or DIW, examined the goals that Chancellor Olaf Scholz’s government set itself since coming […]
1 hour ago
Climate activists demonstrate outside the European Parliament , Tuesday, July 5, 2022 in Strasbourg...
Associated Press

EU parliament set for cliff-edge vote on green investments

BRUSSELS (AP) — European lawmakers will decide Wednesday whether fossil gas and nuclear energies can be included in the EU’s list of sustainable activities, in a cliff-edge vote targeting climate change but heavily influenced by the war in Ukraine. The executive Commission of the 27-nation bloc wants nuclear energy and natural gas in its green […]
1 hour ago
Britain's Prime Minister Boris Johnson, left, and Britain's Chancellor of the Exchequer Rishi Sunak...
Associated Press

UK’s Johnson vows to stay in office after top ministers quit

LONDON (AP) — A defiant British Prime Minister Boris Johnson was battling to stay in power on Wednesday after his government was rocked by the resignation of two top ministers, who said they could no longer serve under his scandal-tarred leadership. His first challenge is getting through Wednesday, where he faces tough questions at the […]
1 hour ago
European Commission President Ursula von der Leyen delivers her speech at the European Parliament d...
Associated Press

EU chief warns of danger of complete cut-off of Russian gas

BRUSSELS (AP) — European Commission chief Ursula von der Leyen said Wednesday that the 27-nation Europe Union needs to make emergency plans to prepare for a complete cut-off of Russian gas in the wake of the Kremlin’s war in Ukraine. The EU has already imposed sanctions on Russia, including on some energy supplies, and is […]
1 hour ago
FILE - OPEC Secretary-General Mohammad Barkindo speaks during the Atlantic Council's Global Energy ...
Associated Press

OPEC secretary-general is dead, Nigerian officials announce

ABUJA, Nigeria (AP) — The Secretary-General of the Organization of Petroleum Exporting Countries has died, Nigerian authorities announced Wednesday. Mohammad Barkindo, 63, died late Tuesday, a spokesperson for Nigeria’s petroleum ministry told The Associated Press. The reason for his death was not immediately known. The Vienna-based oil cartel known as OPEC that he oversaw did […]
1 hour ago
This image released by Paramount+ shows, from left, Rebecca Romijn as Una, Ethan Peck as Spock, bac...
Associated Press

Star Trek’s ‘Strange New Worlds’: In defense of episodic TV

Two generations after its 1966 debut, the universe of “Star Trek” has become a vast and sprawling mural in these heady days of streaming TV. There’s the dark and bingeworthy “Star Trek: Picard,” a deep character study of an aging and beloved captain confronting his demons — and saving life as we know it twice […]
1 hour ago

Sponsored Articles

(Courtesy Condor)...
Condor Airlines

Condor Airlines shows passion for destinations from Sky Harbor with new-look aircraft

Condor Airlines brings passion to each flight and connects people to their dream destinations throughout the world.
Christina O’Haver

BE FAST to spot a stroke

Every 40 seconds—that’s how often someone has a stroke in the United States. It’s the fifth leading cause of death among Americans, with someone dying of a stroke every 3.5 minutes.
Arizona Division of Problem Gambling

Arizona Division of Problem Gambling provides exclusion solution for young sports bettors

Sports betting in Arizona opened a new world to young adults, one where putting down money on games was as easy as sending a text message.
Ukraine digital army brews cyberattacks, intel and infowar