Ukraine Says its ‘IT Army’ has Taken Down Key Russian Sites

Key Russian websites and state online portals have been taken offline by attacks claimed by the Ukrainian cyber police force, which now openly engages in cyber-warfare.

As the announcement of the law enforcement agency’s site details, specialists from the force have teamed with volunteers to attack the web resources of Russia and Belarus.

The three countries are currently involved in an ongoing and large-scale armed forces conflict that includes a cyber frontline, which manifested even before the invasion.

Also Read: Exploring MAS’ framework for equitable sharing of scam losses

On Saturday, Ukraine’s officials decided to form a special “IT Army” consisting of cyber-operatives and volunteer hackers from around the globe.

Using whatever available firepower can be recruited into the IT Army, volunteers are launching attacks against Russian and Belarusian websites and coordinating massive data exposure operations against high-ranking officials and opinion-makers in the enemy ground.

The Ukrainian cyber police have announced having targeted the websites of the Investigative Committee of the Russian Federation, the FSB (Federal Security Service), and the Sberbank, Russia’s state-owned bank.

As a result of these attacks, the following sites have been taken offline:

• sberbank.ru
• vsrf.ru
• scrf.gov.ru
• kremlin.ru
• radiobelarus.by
• rec.gov.by
• sb.by
• belarus.by
• belta.by
• tvr.by

Bleeping Computer confirms that the above websites are beyond reach at the time of this writing.

In addition to these sites, the IT Army’s Telegram channel has listed the following sites as downed following successful cyberattacks.

Also Read: Protecting your business against cyberattacks: practical guide

Today, the Ukrainian cyber police have announced a new information-collection system where people can submit known vulnerabilities on Russian networks, share access to critical systems, etc.

While Ukraine is trying to coordinate attacks against Russian interests, hacking groups conduct their own campaigns.

For example, a Belarusian hacking group known as ‘Cyber Partisans’ claimed to have disrupted trains in Belarus to help slow down the transport of Russian troops.

Another hacking group known as ‘AgainstTheWest‘ also targets Russian interests, claiming to have hacked a steady stream of Russian websites and corporations.

Russia blocking channels of information

On the other side, Russia and its internet watchdog, Roskomnadzor, have been trying to control what information is available to its netizens by imposing numerous blocks on foreign sites.

At the same time, the agency is objecting to restrictions imposed on state-owned and state-supported channels like RBC, Zvezda, and Sputnik, by YouTube, Google, Facebook, and other foreign platforms.

Roskomsvoboda, a Russian public organization devoted to digital rights protection and freedom of speech, reports multiple blocks of portals that report battle outcomes and casualties on Ukrainian ground.

Cyberattacks against Ukraine

While many hackers are targeting Russia, Ukraine has not been free of cyberattacks while they fend off the invasion by the Russian military.

Over the past week, the country has suffered significant blows on the cyber-frontline, with even warnings from notorious ransomware gangs.

The most recent operations targeting Ukraine include the following:

• Belarusian phishing campaigns targeting Ukraine’s military personnel.
• Data wiper malware (HermericWiper) was deployed on Ukrainian networks to wreak havoc.
• DDoS attacks against vital Ukrainian entities attributed to the GRU (Russian special cyber-force).

As the conflict continues, we will likely see cyberattacks escalate outside of Ukraine to other countries.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that all U.S. organizations should secure their defenses and prepare for increased cyberattacks.

“While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our Allies,” reads a warning by CISA. 

“Every organization—large and small—must be prepared to respond to disruptive cyber activity.”