Hacker groups playing a big role in Ukraine crisis

Tech companies and hacker groups are picking sides in the Russia-Ukraine crisis.
28 February 2022

A protester in Ukraine wearing a Guy Fawkes mask, made notorious by the hacker collective Anonymous. (Photo by ARIS MESSINIS / AFP)

Hacker groups have come together to help Ukraine defend itself in cyber warfare as Russia continues its invasion of the country. The Ukrainian government made a plea to the country’s underground hacker network last week to help them deal with the mounting cyberattacks on its public and private systems. Hacker groups have responded by launching several counterattacks on Russian platforms.

Before the call, the UK and US reported that Russian military hackers were behind a spate of DDoS attacks last week that briefly knocked Ukrainian banking and government websites offline before the Russian ground invasion.

“Most planned attacks arrive with volumetric and nuisance threats – the “shock and awe” tactic we’re seeing via the onslaught of DDoS attacks. However, these threats often provide air cover while attackers lay the groundwork for the main event. Organizations should assume that once a fast and furious attack dies down, a far more destructive attack is in the works,” said Jeff Costlow, the CISO of ExtraHop,

For Costlow, defenders need to stay on guard and focus on the midgame, where the attacker pivots through your infrastructure, taking actions that can alert your team to the intrusion – command and control communications, data staging, and lateral movement. As such, the IT army that the Ukrainian government has called upon will be hoping to help them in the cyberwar to their advantage. And now, global hacker groups are also joining the call.

Hacker group Anonymous has answered and has since claimed credit for several cyber incidents on Russian websites. According to The Guardian report, Anonymous brought down government websites and well-known state-backed news site, Russia Today (RT). The hacker group also said it broken into the Ministry of Defence database and posted pro-Ukraine content o Russian state TV channels.

Anonymous has also launched cyberattacks directly on the Russian President as well. On Saturday, reports showed that the hacker group was able to infiltrate maritime traffic data and made the Russian President’s yacht information look like it had crashed into an island in Ukraine. The hacker group also changed the destination of the yacht to “hell”.

Apart from Anonymous, hacker group Ghostsec has also announced their support for Ukraine. Known also as Ghost Security, the outfit was initially formed to target ISIS websites.

At the same time, hacker networks have also been joining the Russian side in launching more attacks on Ukraine. Among the groups supporting Russia’s cyberattacks include Conti, who was known for weaponizing the Log4Shell vulnerability, and has threatened attacks on critical infrastructure. Other groups include The Red Bandits, SandWorm, and UNC1151, and all of them have already begun engaging in cyberwarfare with Ukraine.

Hacker groups are not only the ones involved in the crisis. With internet connectivity being disrupted by the invasion, Elon Musk tweeted that his SpaceX Starlink satellite broadband service is available in Ukraine. SpaceX will also be sending additional terminals to the country.

Tech companies have also come to the aid of Ukraine. Twitter is already restricting access to some users in Russia while messaging app Telegram founder Pavel Durov said the app is further considering partially or fully restricting the operation of some channels, if the situation in Ukraine escalates.

Google has also banned downloads of Russian state-owned media outlet RT’s mobile app on Ukrainian territory. The move means that new users will not be able to download the RT News app in Ukraine while current users may still be able to access it but will not get new updates pushed by RT. Google also confirmed that it has temporarily disabled Ukraine from some Google Maps tools, which provide live information about traffic conditions and how busy different places are.