Cyber Alliance on hackers in Russia – Ukraine war and questionable rules of the Red Cross

Cyber Alliance on hackers in Russia - Ukraine war and questionable rules of the Red Cross

"Civilians have always been involved in wars: some work in the rear, some carry out sabotage." Cyber Alliance member in exclusive interview to DOU.UA on hackers in war and questionable rules of the Red Cross.

"The Ukrainian Cyber Alliance (UCA) is a community of Ukrainian cyber activists that emerged after several hacker groups merged in 2016. Its main goal was to counter Russian aggression. Later, the UCA also launched a flash mob to assess the security of Ukraine's state resources.

In 2021, Ukrainian Cyber Alliance spokesperson Andriy Baranovych gave a lengthy interview to DOU. We decided to talk to him again to learn about the activities of the UCA during the full-scale war. Andriy told us how cyber warfare has changed since the invasion, why Russian hackers' operations can often be called unsuccessful, which DDoS attacks are really useful, and assessed the current level of cyber security of government agencies.

"At first, there was a lot of chaos: there were chats with hundreds of people, where it was unclear who belonged to what and what they were responsible for."

- We spoke to you in February 2021. Back then, you said that UCA members were not yet engaged in systemic projects and were doing their own thing. Did anything important happen for the Ukrainian Cyber Alliance a year before the full-scale invasion?

Yes, that's right. We were doing our own thing, although we still had projects related to Russia that we didn't want to abandon. So we were looking for people to entrust them to. This went on for a year.

In general, it was clear that a full-scale war would begin. But, as usual, the Russians managed to deceive both us and themselves. On February 24, 2022, we talked to the military and special services and decided that we were useless in Kyiv. So on February 26, we moved to Lviv for a while.

There we began to organize more actively. The process involved security, IT, and government services, which immediately became available: The Ministry of Defense, the NCCC, the SBU. Absolutely everyone had a common cause.

At first, there was a lot of chaos: there were chats with hundreds of people, where it was unclear who belonged to what and what they were responsible for - all under pseudonyms. So we tried to gradually put things in order in this hacking activity. At the same time, we were discussing with the Ministry of Defense: "Shouldn't we organize a cyber army?" However, these conversations ended in nothing.

A number of new groups were formed and began to do what we had been doing for many years. Because of the chaos, it was unclear who was doing what and how to contact them. There is a Twitter account called CyberKnow that keeps a list of hacker groups from Ukraine and Russia. As of today, it has counted several hundred of them. In particular, a huge number of schoolchildren rushed to this "clearing" and immediately announced on Telegram that "a new powerful APT group has been created," after which they posted a database with 1000 entries or claimed to have hacked the village council's website. Such an influx of "hackers" was, of course, very disturbing.

At first, this situation was actively discussed, in particular in professional circles of policy makers, mostly in the West. Many expected a "digital Pearl Harbor". But even researchers and CTI analysts were paying attention to the wrong things. All these DDoSes, Fedorov's IT army, and the Russian KillNet clogged the information space so much that it was incredibly difficult for even experts to sort it out. The chaos lasted until the fall of last year, and then the first wave of excitement finally subsided, leaving only groups that intend to work to the last. For them, this is not a hobby, but a constant job that requires resources and daily effort.

"I don't see any point in putting any resource online for two or three hours, even if it's"

- You have already partially told us about the cyber resistance of Ukrainian volunteers. In March last year, State Special Communications Service made the following assessment: "The Ukrainian cyber army has 400,000 activists," but then announced a decline in activity. In your opinion, how much did this large-scale movement help? How do you assess the current situation? Should we campaign for more people to join the cyber resistance?

As an information security specialist, I would say that DDoS is not an event at all. Yes, there may be benefits from such attacks (I'll come back to this). But in general, this is not a method.

For example, there is a small Ukrainian media outlet (I won't name it specifically). They have a single server that hosts their website: they exist only online. Although, of course, they have an editorial office somewhere, and everything is as it should be. The Russian KillNet started DDoSing them, and the site went down for two hours. They called in the experts, reconfigured the server, and since then it has been working perfectly, and it can't be hacked anymore. This is an example from our side, but in general, I don't see any point in putting any resource down for two or three hours, even if it is There is no long-term damage from this. In the public sector, I have not seen an attack from either the Russian or Ukrainian side that lasted at least a week. Usually it's a few hours. DDoSers just show that they can put something down.

Once, due to such a DDoS attack, we lost access to a very large network, where we had already started managing and uploading data. And then a DDoS attack started on their external sites, the admins began to "fence themselves in" and we lost access. We may return there, but it prevented us from doing so at the time.

However, sometimes such attacks can be quite appropriate. If they divert attention from something or, on the contrary, prevent an event that everyone is waiting for. This was the case with the St. Petersburg Economic Forum: everyone was waiting for Putin's speech, but it was delayed by an hour or two due to a DDoS attack. Another example is the recent attack on the airline reservation system: chaos broke out at airports, people were crowded, and they couldn't check in for their flights. However, there are few operations to be proud of.

We don't have many hackers. There can be as many people as you want on the channel, even a million - it's not about the number, it's about what they can do. If you just press the F5 button, it doesn't make much sense. I'm sorry that so many people waste time on trivial things. I think with better organization and goal setting together, we could do much more damage.

Economic sanctions undermine Russia's ability to produce, trade, and therefore receive money to wage this war. Similarly, hacking can be perceived as a kind of direct action sanction, when people are not deprived of the opportunity to earn something, but the means of production controlled by computers are destroyed. Yes, the goal is to cause direct damage, and the more the better. Or reconnaissance in places where something useful can be found - something that could be used by our military and special services.

- Could such a movement be more useful if it were better organized?

Yes, people should try to do something more instead of routinely repeating attacks that have no effect. Although, of course, we shouldn't dismiss the fact that such mass movements also form a community from which more professional hacker groups can emerge in the future.

- A post dated March 2, 2022, was published on the Facebook page of Cyber Alliance: "Actually, we had faith that there are conscious citizens in the Republic of Belarus." How strong was the support of the international hacktivist community at the beginning of the full-scale war? And what is the situation now?

We have to rely mainly on our own strength. Of course, there are people from abroad with whom we communicate. With the same Belarusian cyber guerrillas: they helped us, and we helped them. Sometimes there are volunteers from other countries who offer help. However, there is often a question of trust: there are a lot of random people who think they are engaged in an important project, but in fact they know nothing and, despite their good intentions, are just wasting time.

Yes, there are volunteers who can really help. There are a lot of them in Ukraine, and much fewer abroad. It is clear that foreigners cannot be concerned about this topic all the time. In the first few months after the invasion, Ukraine was talked about continuously, from morning to evening. Now the focus has shifted to other topics - hackers from other countries have joined something, and now they are doing their own thing. This is not their war.

"Many attacks on the Russian Federation go unnoticed, in part because administrators are afraid to tell even their superiors about them."

- At the time of the full-scale invasion, the UCA already had developments and experience. How much did this help in the chaos of the time?

Of course, experience helps, because you are not acting from scratch. We know exactly what we can find, what the likely effects are, how the state machine is organized in the Russian Federation. In particular, from a technical point of view: they have internal, closed networks - we know where to look for entry points into them.

- A lot of people joined the cyber war - how did you choose your targets, what did you focus on?

During the full-scale war, new tasks emerged. For example, deconfliction, because on some targets you could see five or six hacker groups at the same time: each of them was setting up their own hooks and backdoors. Sometimes there were very offensive situations. Let's say I was sitting in some system as an administrator, waiting for the right conditions to take control of the entire network. And then the IT army bursts in, defaces the site, and then their administrator appears and completely demolishes everything. It is not always possible to return to such a system. That's why I consider it a great achievement that the UCA has already gotten acquainted with almost everyone, including Cyber Anarchy Squad, UHG, DumpForums, etc. Now we can carefully exchange information, knowing that it will not leak, help in some way, even give away our access, which we do not have time for. And we had to work hard for this.

As for the targets, we, like many others, started with the simplest - with elementary hacking methods that can be reproduced without much effort. We know the vulnerabilities that can be shown even to a person on the street (if they are motivated enough and want to learn) and say: "Do it once, do it twice, do it three times," and you will gradually get it right. We are not talking about a genius hacker, but just a novice pentester who can perform tasks.

By the way, we can't rule out luck either: sometimes even in large companies, almost among the top ten largest, we found elementary security gaps. The situation with cybersecurity in Russia is similar to that in Ukraine. But while we periodically have scandals in this regard, the Russians are absolutely convinced that they are "the homeland of brilliant programmers, the best specialists" and "the second country in the world right after the United States." Of course, this is not true: their level is the same as in Ukraine. And the fact that they don't want to admit this is only to our advantage: many attacks on the Russian Federation go unnoticed, in part because administrators are afraid to tell their superiors about them, not to mention the NCSC, the Ministry of Information, the Federal Service for Technical and Export Control and other agencies responsible for cybersecurity in Russia.

"All targets, including healthcare, transportation, and communications, are top of mind for hackers."

- When we spoke last time, you said: "Our goal is to exclusively obtain information about Russia, its participation in the war, its military and political leadership, nothing else has ever interested us." Has this global goal been transformed since the start of the full-scale war? What does it look like now?

There is one major difference between before the invasion and after the invasion. Until 2022, we were doing more activist work, i.e. showing that the Russians are lying, Russia is not negotiating, a big war is inevitable, nothing will end easily. There was an internal agenda where we had to show, explain and prove things to people. Now we are dealing with open terrorism, so we don't have to publish anything. And we are not interested in what the Russians think about it. So if we know that something has been leaked or destroyed, meaning that we have achieved our goals, we just move on.

In other words, back then, we focused on gathering intelligence so that we could have a holistic understanding of the public and non-public processes that were taking place - how they could affect our country. Now I am personally interested in intelligence when there is actionable intelligence. That is, information that opens up opportunities for those with whom we work together, gives advantages here and now or the opportunity to do harm: to hack, spoil and destroy something. In fact, this has always been our task. When I made our first website in 2015, these goals were formulated in exactly the same way, because the entire population of Russia, their leadership, is collectively responsible for the war that has been unleashed, and there is no way to avoid this responsibility.

- Earlier, you said that you were guided by certain principles, for example, not to touch the critical infrastructure of the Russian Federation. How much have your principles changed?

In fact, this question arose when the International Red Cross published the so-called "8 Rules of Warfare" specifically for hacktivists. They call for the separation of civilian and military targets, and for the observance of guarantees for non-combatants. I have a slightly different attitude to this.

When important military facilities are disabled and people die at the same time, this is what happens in war. In principle, a technological facility or a hazardous production facility can also be put out of commission, and many people who are not directly involved in the war will die. I still believe that such actions are unacceptable; no one wants to kill civilians. But if this is not a senseless attack and the destruction of facilities is not related to a direct threat to life and health, I think all targets, including medicine, transportation, and communications, are the first targets for hackers. For example, if we go into the medical system, we will get medical records for tens, hundreds of thousands, or even millions of people. These data can be used to assess how, say, mobilization is going in Russia and many other useful things.

Therefore, in this regard, I disagree with the Red Cross. We will not follow the rules they impose, but will continue to attack all targets, including civilian or critical infrastructure. In modern warfare, these are very closely related things. For example, our army uses Starlink. Is this military or civilian infrastructure? In Russia, they also use the capabilities of their civilian infrastructure. So I think this is a completely invented distinction. Civilians have always been involved in wars: some work in the rear, some carry out sabotage. There has never been such an opportunity to step aside and say: "Please don't touch me, I am a civilian, I am not involved in this" - there has never been anywhere in history.

"Each individual person knows exactly what he or she needs to do, like on an assembly line."

- How many operations has UCA conducted during this time: dozens, hundreds, or more? Can you tell us about any of them publicly?

The scale has increased dramatically, because we track not tens, not hundreds, but thousands of goals. And we're already trying to prioritize them and pay more attention to them. At first, we showed something, even made a few defects, although this is considered a minor attack - we just wanted to confirm that we are not sitting idly by. Not long ago, I wrote about how hacker groups interact. To attract attention, I added a database of a million people. Before that, we publicly talked about the hacks of the FSIN, the Russian prison bureau, and the CSTO, a military bloc that is now falling apart after Armenia's defeat in Karabakh. The UCA wanted to show the level: we can "hack" the ministry, "break into" the prison. Or this military bloc, which on paper is supposedly opposed to NATO, can pull everything out of there and post messages that Russia and other CSTO countries will be forced to refute later. Of course, this does not add to their credibility or stability.

- By the way, do you ever get specific requests? Or do you mostly choose your own goals?

Of course, we take into account the priority and listen to current requests. Sometimes we already have what we need in a ready-made form. We just didn't know who might need it and why.

- Were the operations interesting from a technical point of view?

Yes, there are interesting technical issues. For example, to implement an idea, you need to find a complex solution, write additional software, and test it - it can take several weeks. But the most important thing is that we have started to achieve repeatable results - this does not depend on skill or luck, but is simply technology. Each individual person, like on a conveyor belt, knows exactly what they need to do.

Another achievement is that we have managed to significantly shift from opportunistic attacks - when we hack what we can - to targeted attacks, when we can hack what we want (or, if we fail to hack the desired target, we hack another one from the same sector). These are targeted attacks, when we know what effect we want to achieve.

In fact, I am very pleased that over the past year and a half, Ukraine has developed such an unofficial cyber army in addition to official structures. People are showing results. Even if we judge by public leaks, the scale is enormous. Just what's on Telegram channels alone is billions of records. Almost any person in Russia (even those who have never used a computer) is included in these merged databases. It is possible to find and track anyone, including members of the Russian special services and the army, which is exactly what is useful to know. Such data leaks are just the tip of the iceberg, because huge amounts of non-public information are being merged at the same time, which goes directly to our army and special services. It is not necessary to talk about this publicly. Systems are collapsing, and this causes significant damage. With all their pride, Russians are forced to recognize that this is a problem. They are changing their national legislation, introducing inspections, commissions, temporary cybersecurity headquarters, and even trying to "fence off" their Internet and ban VPNs. Of course, this will not affect anything.

A community has emerged in Ukraine that knows exactly what it wants. And we want to win the war. Hacking is not a decisive part of the joint effort, but it is a part of the joint effort that produces quite visible results.

- What kind of visible results are you talking about? Of course, you don't have to be specific, you can talk in general.

We all read the news. From time to time, it gets there: something stopped, broke down, caught fire, the connection is down, or Zelensky's address appeared on TV instead of a movie... Some things I just can't talk about. We work with the military and special services - these are not exactly our secrets anymore. We need permission to disclose such information. Or when they start bragging about it themselves, then we may make adjustments to the extent to which each result is their own merit.

"Sometimes there are 'ominous' hints from the Russian special services, but as long as they are there and I am here, it looks ridiculous."

- Let's talk about the organization itself. In February 2022, did all the members of the UCA leave? Have you already returned from Lviv?

I have been in Kyiv for a long time. We all lived in Lviv and then returned home. We decided that it would be better to be closer to the center: there are many people in Kyiv with whom we need to keep in touch, and it is easier to communicate. Although in general we have a distributed team, with members from different cities.

- Do you continue to act as a community organization?

Nowadays, we act less as a formal organization and more as a kind of group. We communicate with a lot of other groups, and it doesn't really matter whose name is on it. We need labels only during public events. Then we indicate on behalf of whom it is happening.

The most important thing is that this entire community is turning into one giant group with common goals and an understanding of what needs to be achieved. We also strive to avoid conflicts and not interfere with each other.

- In 2021, you said that the UCA had three active members at that time. Has your number increased over the past year and a half?

Yes, it has. Of course, we have new people who are interested in this topic. I won't give any details. I'm a public person, but our security operation is being strengthened. We don't want Russia to know how many of us there are. What we want to tell, we tell publicly, we publish posts that "this was hacked by the Ukrainian Cyber Alliance" and, let's say, Cyber.Anarchy.Squad. The rest, including the size of the team, should remain a secret.

- You said that during the years of the Cyber Alliance's existence, you have been constantly receiving threats. Did the situation become more acute during the full-scale war?

There were few direct threats. Sometimes there are "ominous" hints from the Russian special services, they think it's very scary. But while they are there and I am here, it looks ridiculous. In the first weeks after the invasion began, they tried to threaten information security professionals - in addition to hackers, they also threatened analysts who are engaged in security, not attack. They exaggerate their ominousness. They might be able to scare someone inside Russia, but at this distance from the front line, it's just ridiculous.

- To what extent do you and the rest of the UCA members manage to combine your activities with your main job?

It takes a lot of time, but so far we've managed. Especially at the very beginning of the full-scale war, we started to organize our activities to bring them to a completely different level. So, a year ago, we organized a small crowdfunding campaign, raised 10 thousand dollars and bought a 150 terabyte storage to store our "booty". Significant help from volunteers in the form of hardware and money freed up more time for hacking.

However, I believe that the most important thing is not exploits, vaults, or expensive computers, but simply the ability to negotiate, organize, and make all these hacks not something extraordinary, but a completely repeatable routine. We set ourselves exactly this task: to make sure that every person involved in UCA's activities knows what they are doing day in and day out, month after month. This is how it happens, which, of course, gives its results.

- Do you still get help today, or has volunteer support decreased, as is evident in many other areas?

We try not to pull people's strings unnecessarily. There are plenty of things to spend money on in Ukraine: the army has a huge number of needs that volunteers cover as best they can.

"Russia initially set absolutely unrealistic goals, which are essentially insane"

- Your quote from the previous interview about cyber warfare: "There are no official doctrines in Ukraine. The sphere is not developing: neither in terms of defense nor in terms of attack. There are, of course, numerous state cyber centers, including the SBU cyber center, the State Special Communications Service cyber center, and the Defense Ministry cyber center, but so far we don't see any significant successes on their part." How much has this situation changed in a year and a half in practical and legislative terms?

In legislative terms, it's only for the worse. In February 2022, changes to the Criminal Code were planned to normalize the activity of white hackers who do not cause any harm but only try to suggest where there are vulnerabilities in the system. But instead of the expected liberalization, we got an increase in liability - almost up to 15 years. This point was completely failed. Now they are trying to push through all sorts of laws, but in my opinion, nothing has changed fundamentally.

In practical terms, I must admit that there are quantitative changes: people have started working, not pretending to work. I communicate with the guys from CERT-UA, and they are trying hard and doing a lot to counteract enemy hackers. And not just them - other organizations are doing it too.

Unfortunately, all these efforts do not produce a systemic result. Our Western partners are surprised that the "digital Pearl Harbor" that everyone expected did not happen. But this happened not entirely because we have such good defense or because the contribution of these Western partners is so significant (although it is undoubtedly significant and without it it would be much more difficult). The fact is that from the very beginning, Russia has set absolutely impossible goals, which are essentially insane. Their attacks do not achieve the result they want, simply because it is impossible to achieve. However, attacks are happening all the time, and there is still no systematic work on building cybersecurity as a system (sorry for tautology).

The first attack, which can be used as the beginning of the invasion, occurred on January 14, 2022. Then there were serious attacks on the Ministry of Internal Affairs, the Ministry of Foreign Affairs, and so on. And the saddest thing is that the Russians managed to repeat these attacks. I mean, we already know that they have entered the buildings, posted some dumps of mail and documents, but somehow they always return to the same places. It turns out that our state apparatus is not ready to defend itself. If an institution is lucky enough to have competent administrators who know what to do, they can fight back. But there are no ready-made mechanisms to scale successful experience to the entire huge state machine.

- Can we say that there is progress in our state security sector, primarily due to the fact that employees are working harder?

Both the army and the state apparatus have a large influx of new people who come with their own knowledge and methods and work, as I have already emphasized, hard. But I cannot say that the overall security situation has improved. It has only improved in some areas. Russian special services still feel at home here. They should not be underestimated; from a technical point of view, they know how to hack. The fact that they set themselves strange tasks and have completely different success rates is another matter.

- What exactly are these success rates?

Let's take the most illustrative attack of January 14, 2022, as an example. Its goal was to demoralize the Ukrainian elite-all people who are ready to resist the invaders, to convey the message that "we are coming and will kill you all." At the same time, the Russians tried to do this under a false flag by placing geotags near the Polish General Staff, and also by passing off the attack as a commercial one, as if some fly-by-night hacker was going to sell this information. In other words, they spun so many layers of lies that no one even understood what they were trying to say. It took analysts 7-10 days to figure out what the original plan was.

From a technical point of view, this operation was successful: a huge number of hacked and destroyed systems. They had been preparing for this attack for almost a year without anyone noticing. But they did not achieve their goals. And again, it's not because we were so well defended, it's just that their goal could not be realized.

"Why do you need artificial intelligence if you can't set up your home router in a human way?"

- Even before the full-scale war, the UCA launched a flash mob #FuckResponsibleDisclosure to assess the level of protection of state resources. Do you continue to conduct internal monitoring? Do you have enough time for it?

Ukrainian government systems come into our field of vision. We don't talk about it publicly, we don't shame anyone, but follow the classic responsible disclosure and pass on all the necessary details to CERT-UA. Recently, we found a security vulnerability in a very large store, and CERT-UA contacted them and told them how to fix the flaw.

- Do you specifically monitor this or does it come to your attention by accident?

Sometimes by accident, sometimes not. Among other things, we carefully read what is happening on the Russian side, what they are doing. Sometimes we even manage to be proactive and prevent them from getting where they want to go. But we do not do this on purpose. The country has a whole government agency responsible for cybersecurity, and they have some projects in this regard. This is their job - let them do it.

- Your words: "Incompetence and irresponsibility are the two reasons that allow Russian hackers to attack our state and business structures." Have the main problems remained the same? What options do you see for solving them in the current environment?

They are the same. Nothing has changed fundamentally. There are no easy and quick solutions. It's a slow and tedious job - starting with the purchase of equipment, software licenses that are missing, minimal settings that someone has to make, basic training of system administrators who may not exist at this point. This is where any company starts when it crosses a certain threshold of development. If you have 10 employees, they can sit around a Wi-Fi router and work. But if you have 100 or 1000, you need to organize the process. But no one wants to do this. Because it is unfashionable, difficult, boring.

- Speaking of fashion. Recently, it seems that everyone is constantly talking about cybersecurity...

Mostly, these are visionary claims like: "Let's adapt artificial intelligence to cybersecurity!". Why do you need artificial intelligence if you can't set up your home router in a human way? AI will not set it up for you. Just like it won't stop you from clicking on whatever you want when you receive an email from an unknown contact. Of course, this is a trendy topic, popular, in part because of its incomprehensibility. But to change something, you need to work long and hard.

- Given the enormous experience of the members of the UCA, have you received any offers from the army or the public sector to work for them officially?

I don't want to be involved in defense. I like to hack. Offensive security has always been my specialty. I like pentests more than compliance or network configuration. Moreover, we have plenty of talented people in defense.

- You have mentioned cooperation with government agencies and the military many times. How much easier is it to interact now, has the issue of bureaucracy disappeared?

I think it is still relevant in some places, but it does not concern us. We are interested in making sure that what we do is used. And no one is interested in just filling up the number of goals on the counter. Over the past years, we have hacked so much that we can brag about it until we are old.

I believe that our hacker community makes a significant contribution to the war with huge amounts of intelligence that can be used by both the military and special services. We have always communicated and interacted with them. But now it's really much easier.

"In cyberwarfare, there are not always external effects - with video broadcasts, blackouts, but in general, the damage is catastrophic."

- Let's go back to the beginning of the conversation. There are still a lot of people who want to join the cyber resistance. In your opinion, what options do they have to help effectively?

The same army and special services are in great need of specialists. They need system administrators, programmers, project managers, testers, etc. There is a vacancy for almost any IT specialty. If a person is ready to apply knowledge in this way, there is something for him or her. You don't have to become a hacker. There are few of them everywhere.

- And what about a few free hours after work?

Today, Ukraine is developing quite a few different projects related to war and the army: new types of defensive and offensive weapons, control systems, and communication systems. Some of them are vacancies in the service, some are volunteer projects. If a person has a desire to do something like this, it's easy to find something to their liking.

A hacker is a specialist like anyone else. When, say, a young person starts his or her first job after graduation, it will take months or about a year before they can perform their duties at the junior level in a conscientious and high-quality manner. It will take years before they are promoted from junior to senior. Usually, hackers have several computer specialties. In the past, I worked as a system administrator, programmer, and security specialist. And I can work in each of these specialties now. Hacking is not an easy occupation, you need talent or a lot of work and training. A person cannot walk in off the street and say, "Now I'm going to become a DevOps!" It's the same here, it doesn't happen.

- So you don't take on interns, those who come to you saying: "We really want to"?

No, we are ready to help, advise, and teach something, but only to those who are already doing something. We have neither the resources nor the time to recruit people and organize courses.

- Are there any other projects you are planning and can tell us about?

So far, all the time and thoughts are related to current goals, to the war. We will think about long-term plans later. Right now, we have so many projects that we don't have enough time for that we have to choose the most promising ones.

- Are there any other key moments over the past year and a half that we haven't mentioned?

It is striking how slow, inactive, and unprofessional Russia is in its attempts to counter hacking. Our specialists are used to being scolded, reacting to new scandals, and often feel insecure. And in Russia, everyone is so complacent that they don't even realize the catastrophic amount of hacking that has already taken place. As for personal data, consider it a complete abolition of privacy, as everyone has information about everyone.

Just in February 2022, our GUR was able to independently identify several hundred FSB officers - that's how effective database leaks (not to mention more serious hacks) can be. This is impressive. Although cyber warfare does not always have external effects - with video broadcasts, blackouts - the overall damage is catastrophic. The Russian Federation is suffering serious damage, and I am glad about that.

Ukraine Front Lines


WE NEED YOUR HELP! 24/7, every day, since 2014 our team based in Kyiv is bringing crucial information to the world about Ukraine. Please support truly independent wartime Pulitzer Prize-winning journalism in #Ukraine.

You are welcome to fund us:

Support Ukraine Front Lines

Share this:


Leave a reply

Your email address will not be published. Required fields are marked *


Copyright ©2014-2024 Ukraine Front Lines


You can send us an email and we'll get back to you, Ukraine Front Lines team


Log in with your credentials

Forgot your details?