Russia-Ukraine War Live News: Moskva Warship, Mariupol and the Last

Hackers say they broke into dozens of Russian institutions in the past two months, including the Kremlin’s internet censor and one of its top intelligence services, leaking emails and internal documents to the public in an apparent hack and leak campaign that is remarkable in its scope.

The hacking operation comes as the Ukrainian government appears to have launched a parallel effort to punish Russia by releasing the names of alleged Russian soldiers who operated in Bucha, the site of a civilian massacre, and FSB agents, a major Russian intelligence agency. , as well as identifying information such as dates of birth and passport numbers. It is unclear how the Ukrainian government obtained these names or if they were part of the hacks.

Much of the data released by hackers and the Ukrainian government is inherently unverifiable. As an intelligence agency, the FSB would never confirm a list of its officers. Even the groups distributing the data have warned that files stolen from Russian institutions could contain malware, manipulated or falsified information and other traps.

Some of the data may also be recycled from previous leaks and presented as new, the researchers said, with the aim of artificially increasing the credibility of hackers. Or some of it could be fabricated – something that has already happened in the ongoing cyber conflict between Russia and Ukraine, which dates back more than a decade.

But the hacking effort appears to be part of a campaign by those who oppose the Kremlin to help the war effort by making it extremely difficult for Russian spies to operate overseas and sowing a seed. fear in the minds of the soldiers that they might be detained. reporting on human rights violations.

Dmitri Alperovitch, founder of the Silverado Policy Accelerator, a Washington think tank, and former chief technology officer of cybersecurity firm CrowdStrike, said there was reason to maintain healthy skepticism about the reliability of some of the leaks. .

But he added that the hacking campaign “could prove once again that in an age of ubiquitous cyber intrusions and the generation of vast amounts of digital exhaust by almost every person in a connected society, no one is capable to hide and avoid identification for egregious war crimes for a long time.”

The leaks also demonstrate Ukraine’s willingness to partner with amateur hackers in its cyber war against Russia. In early March, Ukrainian officials rounded up volunteers for hacking projects, and the Ukrainian government posted information about its opponents on official websites. A channel on the Telegram messaging platform that lists targets for volunteers to hack now has more than 288,000 members.

US intelligence officials say they believe hackers operating in Russia and Eastern Europe have now been split into at least two camps. Some, like Conti, a major ransomware group that was itself hacked in late February, have pledged allegiance to Russian President Vladimir V. Putin. Others, mainly from Eastern Europe, were offended by the Russian invasion, and in particular the killings of civilians, and sided with the government of President Volodymyr Zelensky of Ukraine.

Some of the online fighters have moved away from the tactics used earlier in the conflict. During the first phase of the war, Ukrainian hackers focused on attacks aimed at taking Russian websites offline. Russian hackers targeted Ukrainian government websites in January, before the invasion, installing “wiper” malware that permanently erases data from computer networks. More recently, Russian hackers appear to have launched attacks that could have knocked out electricity or disrupted military communications. (Several of those efforts have been foiled, according to U.S. officials.)

But the disclosure of personal data is more akin to an information war than a cyber war. This echoes Russia’s tactics in 2016, when hackers backed by a Russian intelligence agency stole and leaked data from the Democratic National Committee and individuals working on Hillary Clinton’s presidential campaign. These hacks aim to embarrass and influence political outcomes, rather than destroy equipment or infrastructure.

Experts have warned that the involvement of amateur hackers in the conflict in Ukraine could sow confusion and spur more state-sponsored piracy as governments seek to defend themselves and retaliate against their attackers.

“Some cybercrime groups have recently publicly pledged their support to the Russian government,” the Cybersecurity and Infrastructure Security Agency said. warned in a notice Wednesday. “These Russian-aligned cybercriminal groups have threatened to conduct cyber operations in retaliation for perceived cyberoffensives against the Russian government or the Russian people.”

Distributed Denial of Secrets, or DDoSecrets, the nonprofit that releases many leaked documents, was founded in 2018 and has released documents from US law enforcement agencies, front companies and right-wing groups. But since the start of the war in Ukraine, the group has been inundated with data from Russian government agencies and companies. It currently hosts more than 40 datasets related to Russian entities.

“There has been a lot more activity on this front since the war began,” said DDoSecrets member Lorax B. Horne. “Since late February, it’s not all Russian datasets, but it’s an overwhelming amount of data we’re getting.”

DDoSecrets operates as a clearinghouse, publishing the data it receives from sources through an open submission process. The organization claims that its mission is transparency with the public and that it avoids political affiliations. It is often described as a successor to WikiLeaks, another non-profit group that published leaked data received from anonymous sources.

On March 1, Ukrainian media outlet Ukrainska Pravda published names and personal information it said belonged to 120,000 Russian soldiers fighting in Ukraine. The information comes from the Center for Defense Strategies, a Ukrainian security think tank, the outlet reported. At the end of March, Ukraine’s military intelligence service released the names and personal data of 620 people it said were Russian FSB officers.

And in early April, the military intelligence service released the personal details of Russian soldiers they believe were responsible for war crimes in Bucha, a suburb where investigators say Russian troops waged a campaign of terror against civilians. .

“All war criminals will be brought to justice for crimes committed against the civilian population of Ukraine,” the military intelligence service said in a statement posted on its website that accompanied the Bucha data dump. (Russia has denied responsibility for the Bucha killings.)

Russian state-backed hackers have also carried out a number of cyberattacks in Ukraine since the start of the war, targeting government agencies, communications infrastructure and utility companies. They have relied heavily on destructive malware to wipe data and disrupt operations of critical infrastructure companies, but have occasionally used hacking and leaking tactics.

In late February, a group calling itself Free Civilian began leaking personal information that allegedly belonged to millions of Ukrainian civilians. Although the group presents itself as a collective of “hacktivists,” or people using their cyber skills for political gain, it actually served as a front for Russian state-backed hackers, according to CrowdStrike researchers. The hack and leak operation was intended to sow distrust in the Ukrainian government and its ability to secure citizens’ data, the researchers said.

Hackers affiliated with Russia and Belarus have also targeted Ukrainian media companies and military officials in an effort to spread misinformation about a Ukrainian military surrender.

But much of Russia’s hacking efforts have focused on damaging critical infrastructure. Last week, Ukrainian officials said they had halted a Russian cyberattack on Ukraine’s power grid that could have knocked out power to two million people. The GRU, Russia’s military intelligence unit, was responsible for the attack, Ukraine’s Security and Intelligence Service said.

US officials have repeatedly warned US companies that Russia could carry out similar attacks against them and urged them to strengthen their cyber defenses. The Australian, British, Canadian and New Zealand governments have issued similar warnings.

In early April, the Justice Department and the FBI announced that they had acted in secret to prevent a Russian cyberattack by removing malware from computer networks around the world. The move was part of an effort by the Biden administration to pressure Russia and discourage it from launching cyberattacks on the United States. Last month, the Justice Department charged four Russian officials with carrying out a series of cyberattacks against critical infrastructure in the United States.

But so far Russian activity directed at the West has been relatively modest, as Chris Inglis, the national cyber director for the Biden administration, acknowledged Wednesday at an event hosted by the Council on Foreign Relations.

“That’s the question of the moment – why, given that we expected the Russian playbook, having relied so heavily on disinformation, cyber, to marry with all the other instruments of power, why Haven’t we seen a very significant cyber game, at least against NATO and the United States, in this case?” He asked.

He speculated that the Russians thought they were headed for a quick victory in February, and when the war effort ran into obstacles, “they got distracted,” he said. . “They were busy.”

About Bernice D. Brewer

Check Also

Imagined Worlds | CMUnow

Assistant professor and filmmaker draws inspiration from the outdoors in his unique, award-winning stop motion …