Tag Archive for: Ukraine

How Ukraine built a volunteer IT army from scratch

/in


As Russian bombs began to fall across Ukraine in February 2022, many faced a daunting choice: stay and fight or flee for safety. Among them was Ted, a tech entrepreneur living in Kyiv (who is using a pseudonym for security concerns). Initially taking his family to safety in Lviv, Ted wanted to fight. Lacking military skills, Ted like many other Ukrainians who had a tech background wanted to contribute on other battle fronts.

His wife was a public servant who was well-connected with the Ukrainian government. Through conversations with the Ministry of Digital Transformation, an idea arose to leverage people with tech backgrounds to defend the country on the cyber battlefield. What followed was the historic formation of a volunteer hacker army fighting on Ukraine’s behalf – the world’s first such group in cyber warfare.

The IT Army of Ukraine emerged just two days after Russia’s full-scale invasion of Ukraine in February 2022 as Ukraine’s Minister of Digital Transformation Mykhailo Fedorov issued a rallying cry to all volunteers willing to join the hacker ranks of the IT army to help defend Ukraine. He proclaimed, “We continue to fight on the cyber front.”

At its peak, the volunteer IT army’s Telegram channel reached around 300,000 members in March 2022.

IT army of Ukraine mykhailov Fedorov digital transformation Ukraine cyber troops
Ukraine’s Minister of Digital Transformation Mykhailo Fedorov tells about the achievements of the IT Army of Ukraine during the results of his agency over 2023. Photo: IT Army of Ukraine/FB

Fedorov’s call to action resonates with the historical appeal of the Special Operations Executive (SOE) during World War II – Winston Churchill’s famous directive to the SOE was to “set Europe ablaze,” inspiring a similar spirit of resistance in the digital domain.

“We tried to activate every part of society to resist Russia’s war,” Ted said of the early days of the war. Ukrainian officials and volunteers wanted to see how they could leverage the highly talented population of our society, “keeping in mind our software developers and people in the IT sector,” said Ted.

In the early days, organizers focused on the basics, such as creating a Telegram channel and doing the groundwork to get operations going….

Source…

Ukraine Claims Revenge Hack Against Moscow Internet Provider

/in


Sources reportedly tipped off Ukraine media to a cyberattack launched this week by the Blackjack cyber group, linked to the Security Service of Ukraine (SBU), that they claim was able to “destroy” the servers of Moscow Internet service provider M9 Telecom.

The ISP’s website was operational on Jan. 9.

Unnamed sources told state-run Ukrainian media outlet Ukrinform that the cyber operation was in retaliation for the Russia-backed breach of Kyivstar mobile phone operator Dec. 12, which caused communications blackouts across Ukraine. The source reportedly added the M9 Telecom cyberattack was just a “warm up” for more “serious revenge for Kyivstar.”

The Blackjack cyber group likewise claimed credit for the late December breach of Moscow’s Rosvodokanal water utility, which the group claimed it was able to pull off with the help of the SBU.

Earlier this month, the SBU’s cyber chief, Illia Vitiuk, warned that Russia’s compromise of Kyivstar, a modern, private company should signal to Western countries that nothing is beyond the reach of sophisticated Russian cyber threats.

Source…

Ukraine says Russian hackers penetrated major telecoms network for months – POLITICO

/in


Russian hackers were inside Ukrainian telecoms giant Kyivstar’s system from at least May last year in a cyberattack which crippled its services in December, Ukraine’s top cyber spy said.

In an interview with Reuters published Thursday, Illia Vitiuk, head of the Security Service of Ukraine’s cybersecurity department, said: “This attack is a big message, a big warning, not only to Ukraine, but for the whole Western world to understand that no one is actually untouchable,” adding it wiped “almost everything,” including thousands of virtual servers and PCs.

The attack caused more than 24.3 million Kyivstar customers to lose phone reception, with banks reporting disruptions to their services and Ukrainians in the country’s eastern war zone being left without a connection. Vitiuk has attributed the attack to Sandworm, a Russian military intelligence cyberwarfare unit which has been linked to cyberattacks in Ukraine and elsewhere.

“For now, we can say securely, that they were in the system at least since May 2023,” Vitiuk said, adding, “I cannot say right now, since what time they had … full access: probably at least since November.”

In a video statement in December, Kyivstar CEO Oleksandr Komarov said: “Unfortunately, the war with Russia has several dimensions. One of them is in cyberspace.”

Source…

Sandworm hacker group behind cyber attack on Kyivstar – Security Service of Ukraine

/in


Sandworm hacker group behind cyber attack on Kyivstar – Security Service of Ukraine

The hacker group Sandworm, which is a regular unit of Russian military intelligence, was behind the cyber attack on the Ukrainian mobile operator Kyivstar at the end of December 2023, Head of the Security Service of Ukraine’s (SBU) cybersecurity department Illia Vitiuk said in an interview with Reuters.

“The SBU helped Kyivstar restore its systems within days and to repel new cyber attacks. After the major break, there were a number of new attempts aimed at dealing more damage to the operator,” the SBU press service quoted Vitiuk on its Telegram channel on Thursday.

According to the head of the department, the enemy planned to strike several times in a row, seeking to leave people without communication for as long as possible. “In this case, other operators might not be able to withstand a prolonged overload of their networks,” he said.

Vitiuk said that the SBU continues to investigate the case of a large-scale hack of Kyivstar under several articles of the Criminal Code of Ukraine.

“Currently, cyber specialists of the Security Service are already examining individual samples of malicious software used by the enemy. The attack was diligently prepared for many months,” the head of the SBU department said.

Vitiuk confirmed that the hacker group Sandworm, a regular unit of Russian military intelligence and has previously repeatedly carried out cyber attacks on Ukrainian targets, including telecom operators and Internet providers, is behind this attack. He also emphasized that this cyber attack had a significant impact on civilians but did not have a serious effect on military communications, since the Defense Forces use different algorithms and communication protocols.

In general, according to Vitiuk, since the beginning of the full-scale invasion, the SBU has detected about 9,000 cyber attacks on government resources and critical infrastructure facilities in Ukraine.

Source…