In today's exploration of cyber security tech news: we've all seen the pictures
coming out of Ukraine of normal, ordinary people taking up arms, making Molotov
cocktails to defend themselves from the advancing Russian forces. But what you
probably haven't heard of is the IT Army of Ukraine, set up just a few days ago
by the Ukrainian government.
It's made up entirely of volunteers, volunteers which aren't just Ukrainians but
people all over the world, with one mission: to disrupt the computer systems of
Russian organizations and the Russian government itself. In this blog I want to
explore how Ukraine's IT Army came into existence and the other hacktivist
organizations working alongside them.

So how did this IT Army come to be? Well, in a recent blog I reported on the
Ukrainian government openly calling on the hacker underground to defend against
Russia, pleading with cyber criminals to put their skills to good use and
volunteer for the Ukrainian military side units. Judging from the Google Forms
application page, they were looking for people with skills such as social
engineering, malware analysis and threat intelligence. Well, I can only imagine
they were absolutely overwhelmed with responses, because the day after this form
went live, on day three of the invasion, a Ukrainian government official
tweeted: "We are creating an IT army. We need digital talents. We continue to
fight on the cyber front." He links the Telegram channel, and this has
essentially become a hub for the Ukrainian government to dish out operations to
the over 270 thousand people that have joined.

Before we go any further, I need to make it crystal clear: as per this blog's
community guidelines, I am not encouraging you to join in on the operations and
involve yourself. I'm merely documenting what's going on here. So let's proceed.

Their very first post says: "Task 1. We encourage you to use any vectors of
cyber and DDoS attacks on these resources." They then list a bunch of targets:
Russian corporations, banks and state organizations. Notice they're translating
a lot of their posts into English for IT specialists from other countries. This
raises some interesting questions, as they're obviously encouraging people from
outside Ukraine to get involved.
Now, non-Ukrainians taking part, of which there will be many, are effectively
breaking hacking laws in their home countries. And what happens if a damaging
hack is traced back to someone in a Western country? Will Russia see that as an
act of aggression carried out by that country? Who knows. We're in uncharted
territory here.

I've been in this Telegram channel for a few days now, and every few hours a new
list of targets is published. Here they're listing a bunch of Belarusian
websites. A few hours later, results: many of the websites were knocked
completely offline. But at the end of the day, DDoSing isn't hacking, and taking
random websites offline just isn't going to end the war. So what's the real goal
here? Well, it seems to be as simple as: cause as much chaos and inconvenience
as possible. Just like many Russian sports teams have been banned from competing
in tournaments and many companies like Apple have promised not to do business
within Russia, screwing with Russian websites is yet another thorn in Russia's
backside. This cyber guerrilla warfare isn't going to change anything on its
own.
But perhaps all the inconvenience cumulatively adds up and gets the attention,
maybe not of Putin himself, but rather ordinary Russians.

But it isn't all just DDoSing. A bug bounty website, HackenProof, has launched
an interesting bug bounty program on behalf of Russian companies and government
organizations. They're encouraging people to find critical vulnerabilities in
Russian hosting providers, telecoms, aerospace, infrastructure and so on. Their
list of steps to get involved is simple: select a Russian propaganda or
infrastructure website, find critical vulnerabilities, submit a report, and then
HackenProof will use their contacts to get the vulnerability into the good hands
of Ukrainian cyber forces, who can then use those vulnerabilities in their own
anti-Russian operations. So far over 300 reports have been made. Now, bug bounty
programs often have monetary incentives, but this is purely voluntary.

Other than this bug bounty program and the IT Army of Ukraine, several
hacktivist groups have joined the fight. I've covered several attacks from
Anonymous here on this channel, and there's always some confusion in the
comments whenever the topic of Anonymous comes up.
So I just want to make it crystal clear: Anonymous is not a group in and of
itself. Anonymous is just a label hacktivists use when they don't want to create
a group identity of their own. Think of it as an open source brand that anyone
can use, and so two Anonymous hacks could have been carried out by completely
different people who might not even speak the same language.

However, there are some hacktivist groups with their own unique identities which
have joined the cyber front. Here's a list of all of them that we know of. I'll
of course link the source for this list in the description, and you'll notice
most are on the pro-Ukrainian side, but some are pro-Russian. In fact, I
recently interviewed two groups on this list: the pro-Russian group the Red
Bandits and the pro-Ukrainian group Against the West.

But I wanted to give you a quick bio of the pro-Ukrainians and, more
importantly, the people behind it. Against the West, or ATW, is a pro-Ukrainian
and pro-NATO group. I realize the name is kind of confusing: they aren't against
the West in the literal sense, but after pwning an organization they'll say "you
were targeted because you're against the West". That's the idea. The group of
six was founded after they lost their jobs due to COVID. Now, they were careful
with what they told me, but several of their members have experience in working
for Western intelligence agencies. However, they insist that they are not
actively state sponsored. In the past they focused on targeting China.
However, since the war in Ukraine kicked off, that's where they've been focusing
their efforts, targeting large Russian companies and leaking numerous data dumps
to their Telegram channel. In the past day or so they were suspended from
Twitter and have since rebranded under Blue Hornet.

This whole cyber situation is incredibly strange. Government-backed cyber
operations have always been top secret, but now we have Telegram channels run by
governments listing enemy targets and saying "give them hell". We really are
breaking new ground here.

If you find these updates on the Ukrainian situation useful and insightful, do
make sure to drop me a sub, as I'm putting these updates out every two days.