By FRANK BAJAK – AP Technology Writer
BOSTON (AP) – Ukraine’s hundred-strong volunteer “hacker” corps, formed in anger to counter Russia’s blitzkrieg attack, is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is critical to the information warfare and crowdsourcing of information.
“We really are a crush. A self-organizing swarm,” said Roman Zakharov, a 37-year-old IT manager at the heart of Ukraine’s bootstrap digital army.
The inventions of the volunteer hackers range from software tools that allow smartphone and computer owners everywhere to participate in distributed denial-of-service attacks on official Russian websites, to bots on the messaging platform Telegram that block disinformation, enabling people , to report Russian troop locations and give instructions, assemble Molotov cocktails and basic first aid.
Zahkarov did research at an automation startup before joining Ukraine’s Digital Self-Defense Corps. His group is StandForUkraine. Its ranks include software engineers, marketing managers, graphic designers and online ad buyers, he said.
People also read…
The movement is global, drawing on IT experts in the Ukrainian diaspora whose work includes web defacements with anti-war messages and graphic images of death and destruction in hopes of mobilizing the Russians against the invasion.
“Both our nations are afraid of one man – (Russian President Vladimir) Putin,” Zakharov said. “He’s just crazy.” Volunteers are reaching out to Russians with person-to-person phone calls, emails and text messages, he said, and sending videos and pictures of dead invading force soldiers from virtual call centers.
Some are building websites, such as a “website where Russian mothers can browse (photos of) captured Russian men to find their sons,” Zakharov said by phone from Kyiv, the Ukrainian capital.
The effectiveness of the cyber volunteers is difficult to assess. Russian government websites have been repeatedly taken offline by the DDoS attacks, albeit briefly, but generally survive with countermeasures.
It’s impossible to say how much of the disruption – including more harmful hacks – is caused by freelancers working independently of, but in solidarity with, Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network or botnet. The tool’s programmers program new targets as priorities change.
But is it legal? Some analysts say it violates international cyber norms. It is Estonian developers say they acted “in coordination with the Ministry of Digital Transformation” of Ukraine.
A senior Ukrainian cybersecurity official, Victor Zhora, insisted at his first online press conference of the war on Friday that local volunteers would only attack what they believe are military targets, to which he included the financial sector, Kremlin-controlled media and railroads. He did not name specific goals.
Zakharov did. He said Russia’s banking sector is well protected against attack, but some telecom networks and rail services are not. He said cyberattacks orchestrated by Ukraine briefly disrupted rail ticket sales in western Russia around Rostov and Voronezh and temporarily shut down phone service in the region of eastern Ukraine controlled by Russian-backed separatists since 2014. The claims could not be independently confirmed.
A group of Belarusian hacktivists calling themselves Cyber Partisans also appeared to disrupt rail services in neighboring Belarus this week to frustrate passing Russian troops. A spokeswoman said on Friday that electronic ticket sales were still down after her malware attack froze the railway’s IT servers.
Over the weekend, Minister of Digital Transformation of Ukraine Mykhailo Fedorov announced the creation of a voluntary cyber army. The IT Army of Ukraine now counts 290,000 followers on Telegram.
Zhora, deputy chairman of the state’s special communications service, said one task of Ukrainian volunteers is to obtain information that could be used to attack Russian military systems.
Some Cyber Security Experts have raised concerns that asking for help from freelancers violating cyber norms could have dangerous escalating consequences. A shadowy group claimed to have hacked Russian satellites; Dmitry Rogozin, director general of the Russian space agency Roskosmos, called the claim false, but was also quoted by the Interfax news agency as saying that such a cyber attack would be counted as an act of war.
When asked if he endorses the type of hostile hacking carried out under the Anonymous Hacktivist brand — which anyone can claim — Zhora said, “We do not welcome illegal activity in cyberspace.”
“But the world order changed on February 24,” he added, as Russia invaded.
The overall effort was fueled by the creation of a group called “Ukrainian Cyber Volunteers” by a civilian cybersecurity officer, Yegor Aushev, in coordination with Ukraine’s Defense Ministry. Aushev said there were more than 1,000 volunteers.
As of Friday, most of Ukraine’s telecommunications and internet connections were fully operational despite outages in areas captured by invading Russian forces, Zhora said. He reported on ten hostile hijackings of local government websites in Ukraine to spread false propaganda that the Ukrainian government had capitulated.
Zhora said suspected Russian hackers continued trying to spread destructive malware in targeted email attacks on Ukrainian officials and – what he believes is a new tactic – infecting the devices of individual citizens. Three instances of such malware were detected leading up to the invasion.
The US Cyber Command has been supporting Ukraine long before the invasion. Ukraine does not have its own military cyber unit. It rose when Russia attacked.
Zhora expects Russia’s cyber aggression to escalate – many experts believe much worse is ahead.
Meanwhile, donations continue to flow in from the global IT community. Some examples: NameCheap has donated internet domains, while Amazon has been generous with cloud services, Zakharov said.
Copyright 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, transcribed or redistributed without permission.