![](\"https:\/\/media.wired.com\/photos\/621d576f70181659540c7de1\/master\/pass\/security-hacktivists-1238821241.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Lily Hay Newman| Date: Thu, 03 Mar 2022 22:56:10 +0000<\/strong><\/p>\n Lily Hay Newman<\/a><\/span><\/span><\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n on thursday, hackers<\/span> defaced a Russian Space Research Institute website and leaked files<\/a> that they allege are stolen from Roscosmos, the Russian space agency. Their message<\/a>? \u201cLeave Ukraine alone else Anonymous will f*ck you up even more.\u201d Meanwhile a DDoS attack<\/a> pummeled Russia's .ru \u201ctop level domain,\u201d with the aim of essentially cutting off access to all URLs that end in .ru. These are just the latest incidents in a surge of hacktivism in support of Ukraine.<\/p>\n Protests against Russia\u2019s war of choice with Ukraine have been held around the world, including in 48 Russian cities. The global community has raised millions of dollars<\/a> for Ukraine through cryptocurrency donations, and private companies from Shell and BP to Apple have temporarily or permanently pulled out of the Russian market<\/a>. Amidst the havoc, hacktivists are joining the cacophony in an attempt to make a statement and advance their cause.<\/p>\n For years, Russia has barraged Ukraine with an array<\/a> of intrusive and destructive<\/a> cyberattacks. And the war opened in recent days with Russian campaigns to hit Ukrainian institutions with DDoS attacks and awaken data-wiping malware on hundreds of Ukrainian computers. Ukraine itself has launched an effort to amass a volunteer \u201cIT Army\u201d<\/a> of civilian hackers from around the world to aid its fight, alongside traditional conscription. Still, as the back-and-forth has escalated into violence in the region and NATO countries have battered Russia with crippling economic sanctions, hacktivist data leaks, website defacements, and cyberattacks have become one of the most visible, if not necessarily the most impactful, digital battlegrounds.<\/p>\n The mix of hacktivism and active warfare creates a messy picture, experts say. Some caution that hacktivism could lead to unintended escalations or endanger intelligence operations. Others argue that even more than in peacetime<\/a>, periods of active combat render hacktivism ineffectual and largely just distracting.<\/p>\n \u201cIt's a high-intensity armed conflict between two states with heavy\u00a0kinetic warfare, civilian casualties, and physical destruction,\u201d says Lukasz Olejnik, an independent cybersecurity researcher and former\u00a0cyberwarfare\u00a0advisor\u00a0to the International Committee of the Red Cross. \u201cLet's be honest here, what may hacktivism change in this picture? Besides, most of the reports of hacktivism are unverifiable at best. They are highly amplified on social media and traditional electronic media, but what is the actual effect?\u201d<\/p>\n Gregory Barber<\/span> and Matt Simon<\/span><\/span><\/p>\n Garrett M. Graff<\/span><\/span><\/p>\n Reece Rogers<\/span><\/span><\/p>\n If nothing else, the hacktivist efforts have been very visible. As Russia began its invasion of Ukraine on Thursday, the hacking collective Anonymous tweeted<\/a> that it was \u201cofficially in cyber war against the Russian government.\u201d The group claimed credit for attacks that briefly knocked out access to a number of sites, including that of the state-controlled Russian news agency RT, Russian oil giant Gazprom, the Kremlin itself, and other Russian government agencies. A marine tracking data defacement resulted in Putin\u2019s yacht being renamed "FCKPTN\u201d in maritime tracking data. Soon after, two groups, known as \u201cAnonymous Liberland\u201d and \u201cthe Pwn-B\u00e4r Hack,\u201d leaked<\/a> roughly 200 gigabytes worth of alleged emails from the Belarusian weapons manufacturer Tetraedr.<\/p>\n On Monday, the collective claimed another wave of website defacements, saying it had posted anti-war overlays on a number of news websites, including that of the Russian newspaper Kommersant<\/em> and the state-run outlets TASS and RIA Novosti.<\/p>\n Hacktivist activity predates the actual war. A group known as the Belarusian Cyber Partisans attacked Belarus' railway system<\/a> at the end of January and recently claimed to be at it again. The goal of the original initiative was to slow Russia's troop buildup along Ukrainian borders; this week the group said it wanted to disrupt Russian military movement.<\/p>\n \u201cWe continue to help Ukrainians in their fight against Russian occupation forces,\u201d the group tweeted<\/a> on Sunday. \u201cThe Railways is under attack. \u2026 Manual control mode is enabled, which will slow down the movement of trains but will NOT create emergency situations. It will NOT endanger ordinary citizens!\u201d<\/p>\n Cyber Partisans spokesperson Yuliana Shemetovets told WIRED that the group has grown in recent weeks. \u201cFive new people, Belarusians, joined the group since the war started,\u201d she said. \u201cMore are on the list to be verified.\u201d<\/p>\n Meanwhile, the Conti and CoomingProject ransomware groups declared their allegiance to Russia last week. Soon after, more than 60,000 of Conti's internal messages leaked, along with the message \u201cGlory to Ukraine!\u201d The trove, presumably leaked by Conti affiliates, reveals details about how the group is organized and how it operates. On Wednesday, Conti seemed to be dismantling its infrastructure<\/a>, evidence of the impacts hacktivism can have, regardless of whether such protests directly shape the course of the war.<\/p>\n On Thursday, security researchers at Trustwave SpiderLabs also published<\/a> findings that a pro-Russia entity, JokerDNR, has been publishing blog posts aimed at embarrassing Ukrainian officials and even claiming to dox some Ukrainian government workers and military members by publishing alleged names, addresses, and other contact information.\u00a0<\/p>\n A number of security companies and other organizations have released free versions of digital defense tools or expanded their free offerings<\/a> to help Ukrainians defend their networks. Google, for example, says its human rights-focused DDoS protection service Project Shield is now in use<\/a> by more than 150 Ukrainian websites.<\/p>\n