Ahead of its ground invasion of Ukraine, Russia launched a cyber prestrike with the hopes of disrupting Ukrainian infrastructure and various other vital systems.
Russia, a known cyber force, has been honing its digital skills for years, and neighboring Ukraine is at a disadvantage in this arena. But just as countries and even individuals volunteered to help, so did people from the fields of cyber, information security and even hackers, who rallied around the Ukrainian flag by launching initiatives of their own. The hacker group Anonymous, despite its dubious reputation, joined the fighting almost immediately. It reported various successes, but as usual when it comes to Anonymous, not all are verified and it is hard to sort digital fact from fiction.
Ukraine also issued a call to arms of its own: digital minister and deputy prime minister Mykailo Fyodorov called on people with background in IT to fight for Ukraine in the cyber arena. On social messaging platforms like Telegram, official Ukrainian channels published a bank of Russian targets. Those answering the call began targeting the Russian sites on the list - including trade, financial and infrastructure sites.
Minutes after the list’s release, most of the sites on the listed ceased to function. The reason: there was worldwide mobilization and these attacks are easy to carry out and are not especially sophisticated hacks. They are what is termed denial of service attacks - in which a website is flooded with requests and traffic, causing it to fall. All they require is prior coordination and when the targeted server is overloaded it simply collapses.
This is a simple, effective move that is hard to thwart, at least when the attackers are experienced data security people who know how to conceal their moves. However, when less experienced people join, they risk exposing their details to the target and endanger themselves further down the line.
For example, let’s take a look at the site Play for Ukraine. Users are invited to play a game, and while they do so, their movements send out data to different Russian targets. At face value, this sounds wonderful: A simple and enjoyable way to attack Russia. There are quite a few other sites promising automated attacks against Russia. But in fact, no one can assure us that the site is really attacking Russian sites, and most of the people using it lack the technical knowledge to verify that. They could find themselves, for example, attacking legitimate sites or even Ukrainian targets, unknowingly.
More importantly, perhaps, is the risk it poses for those who think they are helping. People who use such sites expose themselves to the sites they attack and to the Russian government. If user participate in such attack websites from their work computer, there’s a chance the company they work for, especially if it’s multinational, will find out and will most likely not approve of it and may even sanction workers misusing corporate computers for political ends. In view of Russia’s precarious public status this seems unlikely. However, it’s certainly possible that after the war, the victims of these attacks will try to take measures against the sources of attacks they identified.
- ‘Risk of All-out Cyberwar Is Entirely Possible. The Fear Exists and Is Growing’
- What Israel Can Do for Ukraine – and What It Can't
- In Shadow of Ukraine-Russia Cyberwar, Iranian Hackers Go on the Offensive
This has happened before. In September 2010 Anonymous declared a payback campaign against organizations that were cracking down on pirated content. Individuals were asked to download software called Low Orbit Ion Cannon, which offered the same basic service as Play for Ukraine, allowing nonhackers to easily participate in a DDoS attack. But some of those who downloaded the program and wanted to aid a worthy cause, found themselves becoming targets: The attacked companies filed criminal charges and civil suits against Americans and others around the world who had participated in the attacks against them.
Alongside the threat of Russian retribution, the legal concern is no small issue. Though the long arm of Israeli law – at least in digital matters – is not so long as to deter hackers, it’s not at all certain that current automated attacks target only Russian sites, and local and legitimate sites who can be protected by local authorities may get caught up in the digital crossfire. Even if such attacks do target Russian sites, these may be using joint and foreign infrastructure, like Amazon, for example, which could lead to trouble with them or with local law.
So if you don’t know what you’re doing, it’s better to avoid sites offering to participate in automatic denial of service attacks.