Russian Cyber Army targeted Ukraine’s National Commission for the State Regulation of Communications and Informatization. According to unverified sources, the DDoS attack took the institution’s website out and exposed significant internal vulnerabilities.
Russia’s cybercriminal division uses a variety of MOs, DDoS attacks being the most used one. Other tactics include dissemination of information, state propaganda, hacker attacks, cyber espionage, and participation in disinformation on political blogs.
This sophisticated and multi-layered approach allows the Russian Cyber Army to influence the political and ideological narrative at a global scale. Ukraine is but one of many victims, as notable attacks have been recorded worldwide.
The purpose of today’s operation is undoubtedly to cripple or, at the very least, reduce Ukraine’s ability to resist the Russian will during the ongoing war. This DDoS attack comes right as the news of Russia’s breakthrough in Avdiivka went public.
It’s important to note that the Russian Cyber Army isn’t the only hacking organization that orchestrates attacks against Ukraine’s infrastructure. Numerous other cybercriminal groups do the same, most operating independently from the Russian state.
These include entities like NoName, Xaknet, Killnet, and Anonymous Sudan. While DDoS attacks are their tactic of choice, other types of operations are pursued as well, including ransomware strikes and data breaches.
Russian Cyber Army has been active for over 2 decades and was involved in numerous operations across the globe. Russia has been relying on cyber-attacks in all of its armed conflicts throughout the world, including Estonia, Poland, Germany, and Georgia.
To be noted, it’s not always clear if a given DDoS attack is the work of the Russian state itself or if it can be attributed to independent organizations. One such organization is NoName, one of the most famous pro-Russian hacking actors.
NoName is openly pro-Russian and currently ranks as the most active and dangerous group. They produce up to a dozen victims per day worldwide, and they don’t take days off. Despite its strong pro-Russian affiliations, it’s unclear if the group is state-funded.
The earliest attacks associated with the Russian Cyber Army date back to 1996, possibly before that. The operation consisted of a series of hacking events targeting NASA, the US military, the Pentagon, and a number of governmental agencies.
The US then launched the Moonlight Maze operation to uncover the perpetrators and establish how they’ve penetrated their defense systems. The series of DDoS attacks lasted approximately 3 years, between 1996 and 1999.
This alone shows the capabilities and the extent the Russian Cyber Army can go to hit the heart of its enemies.
We believe security online security matters and its our mission to make it a safer place.