Ukraine’s hundreds-strong volunteer “hacker” corps, formed in a rage to fight Russia’s blitzkrieg offensive, is much more than a paramilitary cyberattack force in Europe’s first big battle of the internet age. It’s critical for information warfare and intelligence crowdsourcing.
“We’re a swarm of bees.” Roman Zakharov, a 37-year-old IT executive at the heart of Ukraine’s scrappy digital army, described it as “a self-organizing swarm.”
Volunteer hackers have created everything from software tools that allow anyone with a smartphone or computer to participate in distributed denial-of-service attacks on official Russian websites to Telegram bots that block disinformation, allow people to report Russian troop locations, and provide instructions on how to make Molotov cocktails and basic first aid.
Before joining Ukraine’s digital self-defense corps, Zahkarov worked as a researcher at an automation firm. StandForUkraine is his organization. Software engineers, marketing managers, graphic designers, and internet ad buyers are among the company’s employees, he claimed.
The movement is international, relying on IT specialists from Ukraine’s diaspora to deface websites with anti-war messages and graphic images of death and damage in the goal of rousing Russians against the invasion.
“A single man terrifies both of our countries — (Russian President Vladimir) Putin, “Zakharov stated. “He’s completely insane.” Volunteers reach out to Russians one-on-one via phone calls, emails, and text messages, as well as sending videos and photographs of dead invading force soldiers from virtual contact centers, he claimed.
Some create websites, such as one where “Russian mothers can go through (pictures of) detained Russian guys to find their sons,” according to Zakharov, who spoke to Zakharov by phone from Kyiv, Ukraine’s capital.
It’s tough to assess the efficiency of the cyber volunteers. Russian government websites have been repeatedly taken down by DDoS attacks, although for a short time, but have generally weathered the storm with countermeasures.
It’s impossible to estimate how much of the disruption — including more catastrophic intrusions — is caused by freelancers operating in tandem with Ukrainian hackers but independently.
Anyone with a digital device can join a DDoS assault network, or botnet, using an application called “Liberator.” As priorities shift, the tool’s coders add new targets.
Is it, however, legal? According to some observers, it is a violation of international cyber rules. Its Estonian creators claim to have worked “in conjunction with Ukraine’s Ministry of Digital Transformation.”
Victor Zhora, a top Ukrainian cybersecurity official, emphasized during his first online press conference of the war on Friday that local volunteers were exclusively hitting military targets, citing the financial sector, Kremlin-controlled media, and railways as examples. He didn’t mention any specific targets.
It was Zakharov who accomplished it. He claimed that while Russia’s financial sector was well-defended, some telecoms networks and rail systems were not. Since 2014, he added, Ukrainian-organized cyberattacks have temporarily disrupted rail ticket sales in western Russia around Rostov and Voronezh, as well as knocked out phone service in the eastern Ukraine region controlled by Russian-backed separatists. The assertions could not be verified independently.
In an apparent attempt to frustrate traveling Russian troops, a group of Belarusian hacktivists known as the Cyber Partisans disrupted rail service in neighboring Belarus this week. After their cyber attack froze up railway IT infrastructure, a spokesman stated Friday that electronic ticket sales were still unavailable.
Mykhailo Fedorov, Ukraine’s minister of digital transformation, announced the formation of a volunteer cyber army over the weekend. On Telegram, the Ukrainian IT Army presently has 290,000 followers.
One of the jobs of Ukrainian volunteers, according to Zhora, deputy chair of the state special communications service, is to gather intelligence that can be used to attack Russian military systems.
Some cybersecurity experts are concerned that enlisting the aid of freelancers who break cyber rules could lead to dangerous escalation. One mysterious party claimed to have hacked Russian satellites; Dmitry Rogozin, director general of Russia’s space agency Roscosmos, denied the accusation but was quoted by the Interfax news agency as saying that such a cyberattack would be regarded a war crime.
“We do not favor any unlawful behavior in cyberspace,” Zhora replied when asked if he supported the type of aggressive hacking carried out under the Anonymous hacktivist brand, which anyone can claim.
“However, on February 24th, the world order altered,” he added, referring to Russia’s invasion.
The formation of the Ukrainian Cyber Volunteers by a civilian cybersecurity executive, Yegor Aushev, in collaboration with Ukraine’s Defense Ministry, sparked the broader endeavor. It has over 1,000 volunteers, according to Aushev.
Despite interruptions in regions controlled by invading Russian forces, most of Ukraine’s telecommunications and internet remained completely operating on Friday, according to Zhora. He reported ten hostile hijackings of local government websites in Ukraine in order to distribute fake information claiming that Ukraine’s government had surrendered.
Presumptive Russian hackers, according to Zhora, have continued to try to distribute dangerous malware through targeted email attacks on Ukrainian officials and — in what he calls a new technique — infecting individual residents’ devices. In the run-up to the invasion, three instances of this malware were found.
Since far before the invasion, the US Cyber Command has been aiding Ukraine. Ukraine lacks a specific cyber-military unit. When Russia attacked, it was standing one up.
Many analysts feel that worse is still to come in Russia’s cyber aggression, according to Zhora.
Meanwhile, donations from the IT community around the world continue to flood in. Here are a few examples: According to Zakharov, NameCheap has donated internet domains and Amazon has donated cloud services.