Saturday, March 05, 2022

CYBERWAR
Ukraine digital army brews cyberattacks, intel and infowar
By FRANK BAJAK

In this image from video, Victor Zhora, a top Ukrainian cybersecurity official, holds a news conference for international media Friday, March 4, 2022, from a bunker in Kyiv, Ukraine. Zhora said homegrown volunteers in Europe's first major war of the internet age are attacking only what they deem military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
 (Ukraine Government via AP)


BOSTON (AP) — Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence .

“We are really a swarm. A self-organizing swarm,” said Roman Zakharov, a 37-year-old IT executive at the center of Ukraine’s bootstrap digital army.

Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.

Zahkarov ran research at an automation startup before joining Ukraine’s digital self-defense corps. His group is StandForUkraine. Its ranks include software engineers, marketing managers, graphic designers and online ad buyers, he said.

The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.

“Both our nations are scared of a single man — (Russian President Vladimir) Putin,” said Zakharov. “He’s just out of his mind.” Volunteers reach out person-to-person to Russians with phone calls, emails and text messages, he said, and send videos and pictures of dead soldiers from the invading force from virtual call centers.

Some build websites, such as a “site where Russian mothers can look through (photos of) captured Russian guys to find their sons,” Zakharov said by phone from Kyiv, the Ukrainian capital.

The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.

It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.

A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.

But is it legal? Some analysts say it violates international cyber norms. Its Estonian developers say they acted “in coordination with the Ministry of Digital Transformation” of Ukraine.

A top Ukrainian cybersecurity official, Victor Zhora, insisted at his first online news conference of the war Friday that homegrown volunteers were attacking only what they deem military targets, in which he included the financial sector, Kremlin-controlled media and railways. He did not discuss specific targets.

Zakharov did. He said Russia’s banking sector was well fortified against attack but that some telecommunications networks and rail services were not. He said Ukrainian-organized cyberattacks had briefly interrupted rail ticket sales in western Russia around Rostov and Voronezh and knocked out telephone service for a time in the region of eastern Ukraine controlled by Russian-backed separatists since 2014. The claims could not be independently confirmed.

A group of Belarusian hacktivists calling themselves the Cyber Partisans also apparently disrupted rail service in neighboring Belarus this week seeking to frustrate transiting Russian troops. A spokeswoman said Friday that electronic ticket sales were still down after their malware attack froze up railway IT servers.

Over the weekend, Ukraine’s minister of digital transformation, Mykhailo Fedorov, announced the creation of an volunteer cyber army. The IT Army of Ukraine now counts 290,000 followers on Telegram.

Zhora, deputy chair of the state special communications service, said one job of Ukrainian volunteers is to obtain intelligence that can be used to attack Russian military systems.

Some cybersecurity experts have expressed concern that soliciting help from freelancers who violate cyber norms could have dangerous escalatory consequences. One shadowy group claimed to have hacked Russian satellites; Dmitry Rogozin, the director general of Russia’s space agency Roscosmos, called the claim false but was also quoted by the Interfax news agency as saying such a cyberattack would be considered an act of war.

Asked if he endorsed the kind of hostile hacking being done under the umbrella of the Anonymous hacktivist brand — which anyone can claim — Zhora said, “We do not welcome any illegal activity in cyberspace.”

“But the world order changed on the 24th of February,” he added, when Russia invaded.

The overall effort was spurred by the creation of a group called the Ukrainian Cyber Volunteers by a civilian cybersecurity executive, Yegor Aushev, in coordination with Ukraine’s Defense Ministry. Aushev said it numbers more than 1,000 volunteers.

On Friday, most of Ukraine’s telecommunications and internet were fully operational despite outages in areas captured by invading Russian forces, said Zhora. He reported about 10 hostile hijackings of local government websites in Ukraine to spread false propaganda saying Ukraine’s government had capitulated.

Zhora said presumed Russian hackers continued trying to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — to infect the devices of individual citizens. Three instances of such malware were discovered in the runup to the invasion.

U.S. Cyber Command has been assisting Ukraine since well before the invasion. Ukraine does not have a dedicated military cyber unit. It was standing one up when Russia attacked.

Zhora anticipates an escalation in Russia’s cyber aggression — many experts believe far worse is yet to come.

Meantime, donations from the global IT community continue to pour in. A few examples: NameCheap has donated internet domains while Amazon has been generous with cloud services, said Zakharov.

To fight its war, Russia closing digital doors
Issued on: 05/03/2022 - 

Washington (AFP) – Russia's blocking of Facebook is a symptom of its broader effort to cut itself off from sources of information that could imperil its internationally condemned invasion of Ukraine, experts say.

The often-criticized social network is part of a web of information sources that can challenge the Kremlin's preferred perspective that its assault on Ukraine is righteous and necessary.

Blocking of Facebook and restricting of Twitter on Friday came the same day Moscow backed the imposition of jail terms on media publishing "false information" about the military.

Russia's motivation "is to suppress political challenges at a very fraught moment for (Vladimir) Putin, and the regime, when it comes to those asking very tough questions about why Russia is continuing to prosecute this war," said Steven Feldstein, a senior fellow at the Carnegie Endowment for International Peace.

Russia thus joins the very small club of countries barring the largest social network in the world, along with China and North Korea.

Moscow was expected to quickly overpower its neighbor but the campaign has already shown signs that it could go longer and could lead to the unleashing of its full military ferocity.

"It's a censorship tool of last resort," Feldstein added. "They are pulling the plug on a platform rather than try to block pages or use all sorts of other mechanisms that they traditionally do."

Earlier this week independent monitoring group OVD-Info said that more than 7,000 people in Russia had been detained at demonstrations over Moscow's invasion of Ukraine.

Web monitoring group NetBlocks said Russia's moves against the social media giants come amid a backdrop of protests "which are coordinated and mobilized through social media and messaging applications."

The war is meanwhile taking place during a period of unprecedented crackdown on the Russian opposition, with has included protest leaders being assassinated, jailed or forced out of the country.
'No access to truth'

Since Moscow's invasion of Ukraine last week, Russian authorities have stepped up pressure against independent media even though press freedoms in the country were already rapidly waning.

In this context, Facebook plays a key information distribution role in Russia, even as it endures withering criticism in the West over matters ranging from political division to teenagers' mental health.

Natalia Krapiva, tech legal counsel at rights group Access Now, said social media has been a place where independent, critical voices have been talking about the invasion.

"Facebook is one of the key platforms in Russia," she said, adding that its loss is "a devastating blow to access to independent information and for resistance to the war."

Russia has been hit with unprecedented sanctions from the West over the invasion, but also rejections both symbolic and significant from sources ranging from sporting organizations to US tech companies.

Facebook's parent Meta and Twitter however have engaged on the very sensitive issue of information by blocking the spread of Russian state-linked news media.

Russia's media regulator took aim at both, with Roskomnadzor accusing Facebook of discrimination toward state media.

Big US tech firms like Apple and Microsoft have announced halting the sale of their products in Russia, while other companies have made public their "pauses" of certain business activities or ties.

On Friday US internet service provider Cogent Communications said it had "terminated its contracts with customers billing out of Russia."

The Washington Post reported Cogent has "several dozen customers in Russia, with many of them, such as state-owned telecommunications giant Rostelecom, being close to the government."

It's exactly the kind of measure Ukrainian officials have been campaigning heavily for as they ask Russia be cut off from everything from Netflix to Instagram.

Yet experts like Krapiva worry about what that would mean for dissenting or critical voices inside Russia.

"There's a risk of people having no access to truth," she said.

"Some Ukrainians have been calling for disconnecting Russia from the internet, but that's counterproductive to disconnect civil society in Russia who are trying to fight."

© 2022 AFP

No comments:

Post a Comment