Cybersecurity Before and After the Russian Invasion of Ukraine

24 February 2022 - the day that has changed European history. On that day, the Russian Federation started open military aggression against Ukraine, an independent European democratic country. This day has also changed the global cybersecurity landscape.

What did global cybersecurity look like before the Russian open aggression in Ukraine?

Before 24 February, the major efforts of the global cybersecurity community were focused on fighting against black hat hacker groups. Malicious actors were actively targeting individual users via phishing and other forms of social engineering to steal their money or data for further sale on the darknet. 

Malicious groups were also targeting corporate players through ransomware and DDoS attacks. For example, one of the biggest ransomware incidents was the Colonial Pipeline attack that led to the company being forced to pay a ransom of $4.4M. Colonial Pipeline distributes almost 50% of fuel to the East coast of the USA. The company was down for a few days resulting in a serious panic among its partners and investors. 

Before the Russian invasion of Ukraine, state-backed actors mostly targeted private players to make money. For example, North Korean hackers stole $400M in virtual assets in 2021 and this money was one of the main sources of revenues for this poor authoritarian country. 

However, there were also indicators of cyber warfare between states. Namely, Russian state-backed hackers were actively targeting Ukrainian government websites in January and February this year to cause the collapse of the country’s digital infrastructure. Although Ukrainian digital infrastructure did not experience critical damage, some of the attacked websites were down for more than a day. 

When speaking about personal cybersecurity, people mostly focused on protecting themselves against malicious actors by using VPN services, filtering information received, and installing antivirus software. However, people were underestimating the role of cybersecurity in the modern world. Most of them got a basic understanding of cybersecurity only after experiencing a hack. But the situation has significantly changed after the Russian invasion of Ukraine.

How has the Russian invasion of Ukraine changed global cybersecurity?

The global cybersecurity landscape has changed into a global alliance for peace in Ukraine. Now the efforts of both white and black hat hackers are channelled towards conducting cyberwar against Russia to stop its propaganda machine. IT companies are actively launching DDoS attacks against Russian government websites and media.

One of the most famous decentralized hacker groups Anonymous has declared a cyberwar against Russia and released its message to Putin. This group has compromised the database of the Russian Ministry of Defense and hacked multiple Russian propaganda media channels. 

The Ukrainian government has appealed to hackers worldwide to help the country defeat Russia in the digital space by joining its Ukrainian Cyber Forces. Ethical hackers worldwide are actively utilizing their expertise to launch cyberattacks against Russian digital infrastructure thereby assisting the government of Ukraine. Everyone who feels that the Russian invasion of Ukraine should be stopped can join these cyber initiatives and become a cyber guerilla. 

The cybersecurity company Hacken, which has a research and development center in Kyiv, has started a massive campaign to stop the aggressor's propaganda machine. 

Hacken team has enabled both IT professionals and common users to participate in cyberattacks against Russia by joining Hacker Forces. 

There are two main attack directions:

1. HackenProof “Call for exploits. Stop the war” research exploits program (for users with IT background). Under this program, users have to find and report on critical vulnerabilities in the Russian digital infrastructure and propaganda websites. All findings are communicated to the Ukrainian Cyber Forces. No need to exploit detected vulnerabilities, so no violation of law from users’ side. 
2. disBalancer DDoS attacks (both professional IT specialists and common users can participate). All instructions on how to participate in these programs are available on the Hacken Cyber Army Telegram group. 

And one defense program:

• Protecting Ukrainian infrastructure against Russian cyberattacks through the “Call for Ukrainian cyber defense. Stop the war”. Under this program, users look for vulnerabilities in the Ukrainian digital infrastructure and report on all their findings. All information is communicated to the Ukrainian government. As a result, we are strengthening the resistance of Ukraine to cyberattacks.

First results of the disBalancer attack

Cybersecurity experts who are also referred to as defenders have become the weapon of mass destruction, the weapon destroying propaganda, fake news, state crime, and Putin’s totalitarian regime. 

The results of the international cyberattack against Russian digital infrastructure are impressive. According to the post made by the head of the Ministry of Digital Transformation of Ukraine Mykhailo Fedorov, 50 powerful DDoS attacks have targeted Russian digital infrastructure. The volume of these attacks equalled 1Tb.

According to Hacken CEO Dyma Budorin, the current cyberattack against Russian digital infrastructure and propaganda machine will become the biggest cyberattack ever recorded.

The united democratic world is a tremendous power. 

At the same time, it is not enough to prevent people in Russia and Belarus from reading, watching, or listening to propaganda resources. It is necessary to deliver the truth to them, especially to Russian women whose sons and husbands have been sent to death in Ukraine by Putler’s terrorist regime. The Ukrainian creative community has prepared videos that need to be shared with people living in Russia and Belarus. Spread the word to save Ukraine. 

Do people violate the law by targeting the Russian government and media websites? If you asked this question before 24 February, the answer would be “Yes”. But today people are protecting Europe from the biggest tragedy in the 21st century by crashing Russian digital infrastructure. The mission of white hat hacking is to help people. That’s what ethical hackers worldwide are doing right now by attacking Russia. 

At the same time, people worldwide realize that Russia is also counter-attacking in the digital space. That is why individuals do not forget about personal cybersecurity. One of the most important personal cybersecurity rules today is personal cyber hygiene. People are trying to verify every piece of information they get.

Also today people pay strong attention to the files they are asked to download. Cybercriminals from Russia spread malware among users to crash their devices or get access to information. People download programs only from the most trusted sources. 

We all can see how the global community is uniting efforts in the face of tragedy that can affect the whole world. 

Thus, cybersecurity right now is much more than your personal deal. It is the duty of international importance. 

Disclaimer: This material is not sponsored by any organization mentioned in the article.