Hacktivists Stoke Pandemonium Amid Russia’s War in Ukraine

A collage with a demonstrator waving a Ukrainian flag. - Illustration: Elena Lacey; Getty Images

Hacktivists Stoke Pandemonium Amid Russia’s War in Ukraine
WIRED, March 3, 2022
By Lily Hay Newman

“A wave of cyberattacks meant to make a statement and particularly buoy Ukraine could have unintended consequences.”


On Thursday, hackers defaced a Russian Space Research Institute website and leaked files that they allege are stolen from Roscosmos, the Russian space agency. Their message? “Leave Ukraine alone else Anonymous will f*ck you up even more.” Meanwhile a DDoS attack pummeled Russia’s .ru “top level domain,” with the aim of essentially cutting off access to all URLs that end in .ru. These are just the latest incidents in a surge of hacktivism in support of Ukraine.


Protests against Russia’s war of choice with Ukraine have been held around the world, including in 48 Russian cities. The global community has raised millions of dollars for Ukraine through cryptocurrency donations, and private companies from Shell and BP to Apple have temporarily or permanently pulled out of the Russian market. Amidst the havoc, hacktivists are joining the cacophony in an attempt to make a statement and advance their cause.


For years, Russia has barraged Ukraine with an array of intrusive and destructive cyberattacks. And the war opened in recent days with Russian campaigns to hit Ukrainian institutions with DDoS attacks and awaken data-wiping malware on hundreds of Ukrainian computers. Ukraine itself has launched an effort to amass a volunteer “IT Army” of civilian hackers from around the world to aid its fight, alongside traditional conscription. Still, as the back-and-forth has escalated into violence in the region and NATO countries have battered Russia with crippling economic sanctions, hacktivist data leaks, website defacements, and cyberattacks have become one of the most visible, if not necessarily the most impactful, digital battlegrounds.


The mix of hacktivism and active warfare creates a messy picture, experts say. Some caution that hacktivism could lead to unintended escalations or endanger intelligence operations. Others argue that even more than in peacetime, periods of active combat render hacktivism ineffectual and largely just distracting.


“It’s a high-intensity armed conflict between two states with heavy kinetic warfare, civilian casualties, and physical destruction,” says Lukasz Olejnik, an independent cybersecurity researcher and former cyberwarfare advisor to the International Committee of the Red Cross. “Let’s be honest here, what may hacktivism change in this picture? Besides, most of the reports of hacktivism are unverifiable at best. They are highly amplified on social media and traditional electronic media, but what is the actual effect?”



“Hacktivism by its very nature is always loud, and intelligence by its nature is usually quiet,” says incident responder and former NSA hacker Jake Williams. “Well-meaning hacktivists being loud may unwittingly lead security forces to [an] intelligence operation that may have been ongoing in that network and flying under the radar. So they’re essentially outed and lose access because of an investigation into a hacktivist attack.”


Some hacking tools used by that intelligence force may also be exposed in such a situation, rendering them less useful.

Read the Full Article »

About the Author:

Lily Hay Newman is a senior writer at WIRED focused on information security, digital privacy, and hacking. She previously worked as a technology reporter at Slate magazine and was the staff writer for Future Tense, a publication and project of Slate, the New America Foundation, and Arizona State University. Additionally her work has appeared in Gizmodo, Fast Company, IEEE Spectrum, and Popular Mechanics. She lives in New York City.