Join online with today’s leading executives at the Data Summit on March 9th. Register here.
“While you sympathize with Ukraine’s willingness to do whatever it takes to thwart Russia, Ukraine’s IT Army initiative raises some big questions and could have serious unintended consequences,” cyber experts told VentureBeat.
“I think it’s important to recognize that Ukraine is in a very precarious situation, which could call for unprecedented action,” said David Kuder, a senior cybersecurity intelligence analyst at Critical Start.
At the same time, Kuder said, “it is difficult to ignore the potential dangers and full risks of this endeavor.”
Ukraine’s IT forces were announced last Saturday by Deputy Prime Minister Mikhail Fedorov, two days after Russia’s unprovoked invasion of the country. The initiative focuses primarily on forcing Russian websites offline using distributed denial-of-service (DDoS) attacks. DDoS comes at the simplest end of the cyber attack spectrum, but it can still be disruptive.
And the Ukrainian IT Army – which has more than 290,000 subscribers to the Telegram channel – has been very successful in its work: according to data provided by Security, more than half of the sites they have targeted are experiencing partial or total outages in Russia. Professional Chris Partridge.
“I believe the data show that galvanized mobs can clearly impose costs and chaos on many targets,” Partridge, who oversees IT Army activities on GitHub, said in a message to VentureBeat.
In the latest investigation, numerous government, financial and media websites targeted by the Ukraine IT Army were seeing 0% or 10% uptime in Russia, Partiz’s data show.
Meanwhile, on Thursday, the group expanded its strategy by targeting SIP servers, he said. Servers are used for Internet-based voice calls, and are considered more difficult to protect against cyber attacks.
‘This is a blueprint’
Everyone in security should pay attention to what is happening with Ukraine’s IT army, as it is a sign of things to come, “said Petrij.
“This is the blueprint for a future cyber war,” he said. “It seems inevitable that future conflicts will try to mimic this passion.”
However, Patrice said he recognizes the potential dangers that cannot be ignored – and many others agree.
“There’s no question that vigilante hacking wars can have unpredictable consequences,” said Chris Grove, a cybersecurity strategist at Nozomi Networks.
For example, cyber weapons can go off target and hit the services on which ordinary citizens rely. “Our supply chain ecosystems are so interconnected that attacking a single link can have unplanned consequences elsewhere,” Grove said.
Casey Ellis, founder and CTO of Bugcrod, said that while he could understand Ukraine’s motivation to do so, “it is definitely adding to the fog of war that exists in the cyber domain surrounding this conflict.”
Participating in such endeavors is also extremely dangerous for the individual, Ellis said.
“Except for direct Russian retaliation, for example, a well-intentioned hacktivist in the state of Missouri is probably violating both state law and federal law by ‘helping’ – although the target is a socially accepted ‘bad guy’ in this equation,” he said. .
In other words, social call-to-arms does not change local laws, Ellis said.
“I’ve been talking to a lot of enthusiastic Rookies over the past week about doing anything stupid – as well as trying to work with people to minimize the potential loss of involvement for participants,” he said.
Mismanagement is another major threat to attacks by the IT Army, as mentioned by Ellis and a number of other experts to VentureBeat.
“It’s difficult, if not impossible, to quickly determine where the attack came from, or who was behind the attack,” said John Dixon, vice president of Colfire. “Things can get messy quickly. And the risk of ‘hacked back’ cyber attacks from the US and the Russians directed to the west becomes more probable.
Looking ahead, Dixon said, “I fear that what Ukrainian volunteers are doing is likely to further expand the cyber war outside of Eastern Europe than have a tangible effect on the Russians.”
Their efforts are also likely to interfere with the intelligence gathering by Western nations, some experts said.
“With a public call to anyone willing to help Ukraine defend itself from cyber-attacks during the physical conflict, we have entered an unprecedented territory,” said Drew Schmidt, chief threat intelligence analyst at Guidepoint Security.
And yet: the attack on Ukraine is a terrible tragedy that is getting worse by the minute. And if Ukraine thinks the IT army is helpful, isn’t it really determined on them?
“Everything is a matter of perspective,” said Kevin Gonzalez, director of security at Envilogic.
Ukraine is using any resources it can muster to fight Russia – whether it is fighting on the streets or in the cyber realm – and “who can blame them?” Gonzalez said.
While unintended consequences are certainly possible, he noted that the US and many other countries already have their own abusive cyber operations. It is under radar more than the current IT army of Ukraine.
“Ukraine considers this group essential to their existence, just as the United States considers the CIA and the NSA essential to our survival in the face of growing threats,” Gonzalez said.
At a certain point, however, launching cyber attacks that are not actually integrated with broader military objectives could be little more than sabotage, said John Bambanek, Netenrich’s main threat hunter.
As the saying goes, “Conflict is a battle of attrition,” Bambanek said. “Does Kiev fall first, or is the pressure on Putin enough to push him back? In that sense, it’s all an addition – and [the IT army] Can help. Time will tell, really. “
In the long run, much will depend on how the international community reacts to these events, Schmidt said.
For example, it would be crucial to see whether activism supporting Ukrainian cyber operations is considered a criminal offense, as it would normally be, he said.
But at this point, with that very vague result, it is “a dangerous territory for the adventurous spirit with an Internet connection” to join the IT Army’s effort, said Tim Wade, Vectra’s deputy CTO. “It’s not like walking lightly.”
It is unknown at this time what he will do after leaving the post. SightGain CEO Christian Sorensen, who previously led the operational planning team for US Cyber Command, noted that the Ukrainian IT Army is not alone in what it is doing now. The hacktivist group Anonymous has so far appeared to be particularly “effective” in its cyber efforts to help Ukraine, he said.
Ultimately, “regardless of whether these groups should engage in such activities,” Sorensen said, “it seems like a new way of fighting.”
Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more