Mar 6, 2022

Posted On: While it’s understandable that Ukraine wants to do all it can to thwart Russia, cyber experts told VentureBeat that the Ukraine IT army idea raises some significant problems and might have catastrophic unintended repercussions. “I feel it’s critical to acknowledge that Ukraine is in a catastrophic position that may need extraordinary actions,” said David Kuder, a senior cyber threat intelligence analyst at Critical Start. Nonetheless, “it’s impossible to disregard the inherent hazards and outright perils of this undertaking,” Kuder added. Vice Prime Minister Mykhailo Fedorov unveiled Ukraine’s IT army on Saturday, two days after Russia’s unjustified invasion of the nation. The campaign has mostly concentrated on deploying distributed denial-of-service (DDoS) assaults to knock Russian websites down. DDoS attacks are on the lower end of the cyberattack scale, yet they may still cause havoc. And the Ukraine IT army, which has more than 290,000 Telegram users, has been rather effective in its efforts: According to statistics given by security expert Chris Partridge, more than half of the sites they’ve targeted have had partial or complete outages in Russia. In a letter to VentureBeat, Partridge, who’s been watching the IT army’s actions on GitHub , said, “I think the data demonstrates the galvanised mob can obviously inflict expense and confusion on many targets.” According to Partridge’s statistics, multiple political, banking, and media websites targeted by the Ukraine IT army were experiencing 0% to 10% uptime inside Russia at the time of his previous check. Meanwhile, the organisation increased its techniques on Thursday, he added, by focusing on SIP servers. The servers are used to make internet-based phone calls and are thought to be more vulnerable to hackers. ‘This is the blueprint,’ says the narrator Everyone in the security community should be watching what’s going on with Ukraine’s IT army because it’s a portent of things to come, according to Partridge. He said, “This is the roadmap for future cyberwar.” “It seems likely that future wars would aim to match this level of fury.” Partridge, like many others, knows that there are possible concerns that can’t be overlooked. “Vigilante hacker warfare may certainly have unforeseen repercussions,” said Chris Grove, a cybersecurity analyst at Nozomi Networks. For example, cyber weapons may go off-target and harm services that ordinary people rely on. “Our supply chain ecology is so interconnected,” Grove added, “that striking one link might have unintended implications elsewhere.” While Casey Ellis, the founder and CTO of Bugcrowd, understands Ukraine’s intentions, “it’s absolutely contributing to the fog of war that exists in the cyber realm surrounding this conflict,” he added. Participating in such an attempt is also exceedingly dangerous for a person, according to Ellis. “Aside from direct Russian retaliation, a well-intentioned hacktivist in Missouri, for example, is likely breaking both state and federal crimes by ‘assisting’ – even if the target is the socially acknowledged ‘bad guy’ in this scenario,” he added. In other words, according to Ellis, a social call to arms does not modify municipal laws. “Over the last week, I’ve talked a lot of excited novices out of doing anything crazy,” he added. “I’ve also been trying to work with others to limit the potential impact of being engaged for participants.” Risk of attribution Another major risk cited by Ellis and a number of other experts to VentureBeat is misattribution for the assaults carried out by the IT army. “Quickly determining where an assault originated from or who was behind the attack is difficult, if not impossible,” said John Dickson, vice president of Coalfire. “Things may soon get out of hand.” And the possibility of Russian ‘hack back’ cyberattacks aimed at the United States and the West grows.” In terms of the future, “I’m worried what Ukrainian volunteers are doing is more likely to spread a cyber war beyond Eastern Europe than to have a concrete impact on Russians,” Dickson added. There’s also a chance that their actions may obstruct intelligence gathering by Western countries, according to numerous analysts. “We have entered new ground with a public appeal for anybody wanting to assist Ukraine protect themselves from cyberattacks during a physical battle,” said Drew Schmitt, chief threat intelligence analyst at GuidePoint Security. Nonetheless, the attack on Ukraine is a profoundly unfortunate scenario that is rapidly deteriorating. And, if Ukraine believes the IT army is beneficial, isn’t it up to them to decide? Kevin Gonzalez, head of security at Anvilogic, stated, “Everything is a question of perception.” Defending yourself Ukraine is using all of its resources to fight back against Russia, whether on the streets or in cyberspace, and “who can blame them?” Gonzalez stated his opinion. While there is always the risk of unintended effects, he pointed out that the United States and many other nations already conduct offensive cyber operations. They’re simply a lot less visible than Ukraine’s IT army is right now. “Ukraine views this organisation as critical to their existence, much as the United States views the CIA and NSA as critical to our survival against developing threats,” Gonzalez added. But, according to John Bambenek, chief threat hunter at Netenrich, conducting cyberattacks that aren’t truly coordinated with bigger military goals may amount to nothing more than vandalism at some point. According to Bambenek, “the confrontation is a battle of attrition.” “Will Kiev fall first, or will the pressure on Putin be enough to sway him?” In that sense, everything is additive — and [the IT army] may be of assistance. “Really, only time will tell.” “Ukraine considers this group to be essential to their existence.” Anvilogic’s director of security, Kevin Gonzalez Implications for the future Schmitt believes that how the international community reacts to these events after the fact will have a big impact in the long run. For example, it will be critical to see whether hactivism in support of Ukrainian cyber activities is classified as a criminal activity, as it usually is, he added. However, since the conclusion of that is now unknown, joining the IT army endeavour is “hazardous ground for an adventurous person with an internet connection to go down,” according to Tim Wade, Vectra’s deputy CTO. “This isn’t one to take lightly.” Where this kind of warfare — which includes both hactivists and cyber criminals — goes from here is also unknown. SightGain CEO Christian Sorensen, who formerly served as the operational planning team head for the United States Cyber Command, pointed out that Ukraine’s IT army is far from alone in what it’s doing right now. He claims that the hacktivist organisation Anonymous has been particularly “effective” in its cyber efforts to help Ukraine so far. “It seems to be a new style of fighting,” Sorensen said, “regardless of whether these people should be undertaking these sorts of actions.”