According to Livia Tibirna, analyst at the cybersecurity company Sekoia, nearly 260,000 people had joined the group of the cyber-army of voluntary hackers (“IT Army”) on Tuesday, raised at the initiative of Ukrainian Deputy Prime Minister Mykhailo Fedorov.
This group, accessible via encrypted Telegram messaging, displays a list of potential targets in Russia, companies or institutions, that hackers have the mission to target.
It is quite difficult to know if this cyber-army will play a role going beyond the simple effect of communication in the service of the Ukrainian cause, or if it will manage to have real effects on Russian actors.
The actions so far reported seem to be limited to "denial of service" (DOS) type attacks, when in a coordinated manner multiple requests are sent to a website to saturate it and bring it down.
Actions of "defacement" (the site displays a hacked page) were also briefly observed on Russian sites.
The "cyber-army" could also ask hackers to go and try to identify vulnerabilities on Russian sites, to send them to seasoned specialists capable of carrying out more sophisticated actions of intrusion, data theft or destruction. , explains Clément Domingo, co-founder of "Hackers Without Borders".
The cyber-army group of volunteer hackers, accessible via encrypted Telegram messaging, notably displays a list of potential targets in Russia Kirill KUDRYAVTSEV AFP / Archives
But the latter and all the other specialists consulted by AFP warn hackers against participating in the activities of the "IT Army", or other actions of cyber mavericks such as those of Anonymous.
- "A real risk" of counter-attack -
"I strongly advise against" joining these actions, believes for example Damien Bancal, a good connoisseur of the opaque world of cybercrime.
"There are plenty of other ways to help Ukrainians who are suffering", if only by relaying the testimonies that are flourishing on social networks, he believes.
Attempting to attack a website or penetrate a server or network is "computer crime" NICOLAS ASFOURI AFP / Archives
For SwitHak, a cybersecurity researcher, cyber snipers would take "too much risk".
"There are legal risks, for example, that are not measured," he said.
Attempting to attack a website or penetrate a server or network is "computer crime", he underlines
"There is a real risk of + hackback +", that is to say of a destructive counter-attack by Russian actors, also believes Clément Domingo.
The latter is particularly alarmed to see that a good number of candidate hackers have obviously not taken the trouble to create a special Telegram account to participate in the “IT Army”, at the risk of being identified by the Russian party.
In cyberspace, and in particular on forums and other discussion groups on Telegram or Discord, "we don't know who is who", insists Félix Aimé, also a researcher at Sekoia.
Inexperienced hackers can find themselves snapped up by infiltrators from the opposite camp, and find themselves working for the adversary they wanted to fight, he explains.
On the side of the experienced hackers, operators of the ransomware attacks, a certain confusion also seems to reign, with a fratricidal struggle between pro-Russian hackers and pro-Ukrainian hackers.
Inexperienced hackers can be snapped up by infiltrators from the opposite camp, and find themselves working for the adversary PHILIPPE HUGUEN AFP / Archives
The Conti ransomware group, which had declared its support for Russia, saw a pro-Ukrainian member in response to it publish more than a year of its internal communications, offering a treasure trove of information to all on the planet. cybersecurity researchers, and specialized police and spies.
The forums where cybercriminals meet “try to stay away from any debate” on the Russian-Ukrainian war to avoid attracting the attention of state services, underlines Livia Tibirna.
One of these virtual "raidforum" agoras has thus mysteriously disappeared, probably under the action of one of the parties to the conflict who felt threatened by its activity, several researchers explained to AFP.
© 2022 AFP