War is a bonanza of money making opportunities, and cyber warfare is no different: let the polarization begin …
In the cyberspace realm, Russia’s threat groups have historically had superiority over those of Ukraine. In fact, Ukraine was attacked last week by a destructive wiping malware.
However, the situation is starting to change, as many non-state-sponsored actors are taking the side of Ukraine. To defend itself, the Ukrainian government has taken the unprecedented step of mobilizing an international ‘IT army’ of hacktivists. The Telegram channel of this ‘army’ already counts more than 175,000 members.
Another key member of the ‘Ukrainian Cyber Army’—the Anonymous Collective—has declared a cyberwar against Russia, claiming to have conducted successful DDoS attacks against several key websites of Russian government including the website of Kremlin, the Russian Ministry of Defense and Russian Duma. Additionally, the group leaked 200GB of data of Tetraedr, the Belarusian weapons manufacturer; and some databases from the Russian Ministry of Defence website.
Then there is Disbalancer, a DDoS stress testing company, which is collecting donations to buy servers to execute DDoS attacks against Russia:
Even major technology companies like Elon Musk’s SpaceX have taken a clear stand behind Ukraine, providing it with satellite internet services to maintain internet connectivity.
Three sides to the cyberwar
Nevertheless, there are also those standing behind Russia in the conflict. For example, the Conti ransomware group has threatened to retaliate against any cyber-attack on the country. They posted a direct threat to avenge any cyber-attack against Russia on their blog.
However, Conti subsequently added to their statement, declaring that they are not affiliated with any government, but condemn Western aggression.
Another pro-Russia threat group, CoomingProject, which had been known to re-posted different leaks from Western companies, has declared its mission to help defend the Russian government in cyberspace.
The third parties in the cyberwar are of course the opportunists: Since the Ukrainian government has official solicited donations in cryptocurrencies (already receiving more than US$1.5m), non-partisan cybercrooks are using the crisis to launch phishing campaigns.
Researchers from Check Point Software have already identified several such campaigns that are sent with either the details of perpetrators’ crypto wallets, or their international bank accounts.
The team fully expect that with the advancement of the war between Russia and Ukraine, there will be additional polarization in cyberspace as ‘cyber armies’ on all sides continue to conduct increasingly aggressive campaigns.