As the war in Ukraine wages on the digital war grows with it. Every day, around 5 am local time, the Telegram channel housing Ukraine’s unprecedented “IT Army” of hackers wakes up with a new list of targets. The volunteer group has been knocking Russian websites offline using repeated distributed denial-of-service (DDoS) attacks. These attacks flood websites with traffic requests and make them inaccessible from any device. This has been going on every day since the war started.
From Russian online payment services and government departments to aviation companies and food delivery firms, they have all been targeted by the IT Army as they continue on their quest to disrupt Russia. “Russians have noticed regular hitches in the work of TV streaming services today,” the government-backed operators of the Telegram channel posted after a claimed operation in the middle of April.
Since Russia invaded Ukraine towards the end of February, the country has faced a barrage of hacking activity and DDoS attacks. Hacktivists, Ukrainian forces, and people from all around the world who are taking part in the IT Army have targeted Russia and its business. DDoS attacks make up the bulk of the action, but researchers have spotted ransomware that’s designed to target Russia and have been hunting for bugs in Russian systems, which could lead to more developed and intricate attacks.
At the start of the war, DDoS attacks were unrelenting. Record-breaking levels of DDoS attacks were recorded during the first three months of 2022, according to an analysis report from Russian cybersecurity company Kaspersky. Both Russia and Ukraine used DDoS to try to disrupt each other. However, the efforts of the Ukrainians against Russia have been more innovative and Drawn out.
While Kaspersky’s analysis says the number of DDoS around the world has gone back to normal levels as the war has progressed, the attacks are lasting for longer—hours rather than minutes. The longest lasted for more than 177 hours, over a week, its researchers found. “Attacks continue regardless of their effectiveness,” Kaspersky’s analysis says.
While cyberwarfare throughout the conflict may not have been as obvious or had the impact some predicted, many incidents may happen without publicity or outsider knowledge. “I think the most sophisticated operations going on right now are espionage—to find out what the opponent is trying to do, wants to do, and will do next,” De Blasi says. “We may have to wait years before we discover anything about that.”
Visibly, hacktivists and others attacking Russia have obtained and published hundreds of gigabytes of Russian data and millions of emails—the files may help unravel parts of the Russian state.
What are DDoS Attacks?
A DDoS attack, (Distributed Denial of Service) is when a website is flooded with false users or bots that make it so that the website cannot function with the sudden influx in users and consequently breaks down.
However, there are ways to prevent an attack like this from happening. Have you seen those ‘I am not a robot checkboxes’? These are a form of defence against DDoS attacks! These checkboxes often ask you to select images that contain a bus or traffic lights or type out a word that is displayed on the screen. These work by making sure that the user is actually physically looking at the screen, which a bot cannot do.
If the security system does not believe your answers it will prevent access to the website as it will consider you a Bot trying to perform a DDoS attack.
Of course, there are ways around this. Certain Bots can make educated guesses on what the word might be or what images contain that particular thing and Perform the DDoS attack that way. Though this filter makes it very hard for these bots to get through without some severe effort being put into it.
Does your website have DDoS Protection? If not then it is highly recommended that you consider investing in a managed IT service provider so that you won’t have to worry about a DDoS attack bringing down your website anytime soon.