The cyberwar is ratcheting up.
The Ukrainian call to arms sent out by Ukraine’s digital transformation minister, Mykhailo Fedorov for volunteers around the globe to hack Russian targets has been answered in large part by the loose collective of hackers known as Anonymous. Now, other cyber warriors are now joining the effort. A group known as Network Batallion 65 claims that it has breached the control center of Russian State Space Corporation Roscosmos.
NB65’s infiltration of Roscosmos has cut off Russia’s ability to control its spy satellites. The group of hackers rotated credentials to access the satellite data and shut down the company’s servers, rendering real-time satellite imaging and vehicle monitoring unavailable.
“Have a nice Monday fixing your spying tech,” NB65 said in a Twitter post. “Glory to Ukraine.”
Rebels Witha Cause
While Anonymous has been active on the global cyber stage since as early as 2003, targeting the Church of Scientology and spearheading the Occupy Wall Street movement, the members of hacking collectives have largely been rebels without a cause in recent years. That changed with Russia’s invasion of Ukraine.
NB65 seems to be united in its protest of the war. The group carried out a data dump Sunday of more than 40,000 files it collected from Russia’s Nuclear Safety Institute.
“We don’t have the capacity to translate this many Russian documents, so enjoy and let us know what you find,” the group said.
Anonymous is Everywhere
Meanwhile, Anonymous has been relentless in its attacks on Russian websites and state-backed news outlets, claiming over 300 successful breaches.
The group targeted state news agencies TASS and RIA Novosti, and the websites of news outlets Kommersant, Izvestiya, and Forbes Russia over the weekend, throttling connections, knocking out servers, and posting anti-war messages on the companies’ home pages.
“In a few years we’ll live like in North Korea. What’s in it for us? For Putin to make the history books? It isn’t our war, let’s end it!”, said a message in Russian posted on Forbes Russia’s site.
Holding true to its roots of disruption and digital pranks, Anonymous also hacked into Russian TV, setting all channels to play Ukrainian folk songs.
State-owned media organization Russia Today and Sputnik, and the websites of state and Belarusian banks were also taken out in the extensive series of attacks.
Poking the Bear
Anonymous’ disruptive and sometimes adolescent-like style of targeting its enemies may be endearing to its supporters, but it cannot be overstated that it is playing a dangerous game on the biggest geopolitical stage.
The analogy of “poking the bear” is an apt one when it comes to hackers’ attacks on Russia, and Anonymous has poked the bear with a red hot branding iron.
The Russian-backed hacking group known as Killnet struck back against Anonymous by disabling its servers Tuesday. Users attempting to access Anonymous’ official website were greeted by a link to a video message:
“Greetings, Russians and friendly union nations,” a voice said dubbed over a shadowy figure in the video. “The internet is full of fake information about the hacking of Russian banks, hacks on Russian media servers, and much more. None of this poses any danger to people. This ‘information bomb’ is merely text and nothing more. Do not fall for fake information on the internet. Have no doubts about your country.”
“Very soon this conflict will end, and we will find peace,” the video went on to say.
In addition to fighting an increasingly difficult cyberwar against hackers, added sanctions and global outcry may force Russia to target the U.S. and other NATO member states with DDoS attacks similar to the one carried out against Ukraine in January.
Russia’s sharp pivot toward the West was addressed in a joint Cybersecurity advisory briefing Saturday. The meeting came after a an intelligence brief from the Department of Homeland Security in January warned stakeholders that Russia “would consider” launching a cyber attack against the United States if the U.S. or NATO respond to Russia’s potential invasion of Ukraine in a way that the Kremlin perceived as threatening to Russian security.
The memo also stated that the likelihood of Russia launching a cyberattack on U.S. infrastructure “probably remains very high.”
Cyberattacks have so far been effective against the Russian war machine, but Putin will no doubt take the aggression personally, and hackers may not be ready for retaliation.