23.05.2022

Main Cyber Highlights of the Week: May, 16-22

Main Cyber Highlights of the Week: May, 16-22

Foto — pixabay.com

Executive summary

russia’s war against Ukraine continues not only on the battlefield but also in cyberspace. Massive cyberattacks against state structures of Ukraine and business began long before the military invasion. With the start of hostilities, the attacks doubled from about 200 to more than 400 a month.

With the help of cyber attacks, russia wants to create a humanitarian catastrophe in Ukraine, because hackers are trying to hinder the work of the energy sector, emergency services, communications, logistics. However, according to Oleksandr Bornyakov, Deputy Minister of Digital Transformation of Ukraine for IT Development, «the level of cyber defense in Ukraine is high enough for the critical information infrastructure to function properly» [1].

Ukraine has even won two international CYBERSEC Awards in the field of cybersecurity. The organizers noted the heroic cyber defense, which was joined by the whole Ukrainian society, including the state apparatus, the IT community and volunteers [2].

The most active hacker groups fighting on the Ukrainian cyber front are:

  • Anonymous;
  • Against The West (ATW) (connected with Anonymous);
  • NB65 (connected with Anonymous);
  • Thblckrbbtworld (act on behalf of Anonymous);
  • HackenProof;
  • IT Army of Ukraine;
  • HackYourMom;
  • Guild of IT specialists [3].

A significant part of these groups are Ukrainian «hacktivists», who make a significant contribution to the protection of Ukraine’s cyberborders. russian propagandists and hackers are trying to copy this movement. russia has created the russian Cyber ​​Army, which seeks to replicate the success of Ukraine’s IT army and mimic the «all-russian movement» [4].

Also, according to cybersecurity expert Konstantin Korsun, the opposition in cyberspace on the part of russia involved employees of the 18th FSB Center, hackers from the russian Central Intelligence Agency, representatives of «bot farms» and several other russian intelligence services [1].

The most active hacker groups fighting on the russian cyber front are:

  • Armageddon (UAC-0010);
  • Fancy Bear (APT28, Sofacy, Pawn storm, Sednit и Strontium);
  • Ghostwriter (UNC1151);
  • Sandworm (UAC-0082);
  • Scarab;
  • TA416 (Mustang Panda, RedDelta, Temp.Hex);
  • Killnet;
  • Legion [3].
Strengthening of cybersecurity of Ukraine

ICANN has allocated $ 1 million to Ukraine to fight russian hackers. These funds, according to the Minister of Digital Transformation Mikhail Fedorov, will be spent to support the stable operation of the domain system of our country [5].

Cyber attacks on Ukraine

The Nikolaev online edition «NikVesti» suffered DDos-attacks on May 18 [6].

Another threat received by the Zaporozhye site 061.ua [7].

Killnet hackers declare global cyber warfare in Ukraine (as well as some EU countries and the USA) [8].

Cyber attacks on russia

From May 16 to 22, the Ukrainian IT Army attacked more than 400 russian online resources.

  • Many regional media sites were inaccessible due to cyberattacks.
  • russian application store NashStore, similar to the App Store and Google Play, had difficulties in the days of the announced launch. Import substitution did not work.
  • russians had difficulty selling and renting real estate online.
  • russian banks are still unable to recover from previous attacks by the IT army and cope with new ones on their websites and online banking.

Also last week, the IT army announced a bot to automate attacks, which should significantly increase their effectiveness.

In total, since the russian invasion of Ukraine, the IT army has attacked about 2,000 russian resources. Many of them were attacked again [9].

Experts call the biggest victory of IT ARMY of Ukraine the evil rutube, which, 10 days after the large-scale attack on May 9, was unable to resume its work in full [10].

Anonymous hacked russia’s Sberbank, the largest bank in Central and Eastern Europe [11].

The group of hackers Obfuscated Dreams of Scheherazade  has created a site for telephone pranks on russian deputies, propagandists, the military, intelligence and officials [12].