Ukraine conflict: Hackers take sides in virtual war
- Published
Throughout the bitter violence of the Ukrainian conflict, another hidden war has been waged, involving several groups of computer hackers.
Little is beyond their reach. Official documents and private communications are made public, and websites blocked. They hijack CCTV cameras, electronic billboards and network printers.
The best known of the virtual warriors are the Ukrainian Cyber Troops, the Cyber Berkut and Anonymous International.
All three present themselves as independent activists, separate from other, government-sponsored groups.
Ukrainian Cyber Troops
The most prominent pro-Ukrainians hackers are the Ukrainian Cyber Troops, external, led by Kiev-based programmer Yevhen Dokukin.
Most recently, he claimed to have hacked into two Russian interior ministry servers and an email account used by police in Russia's Rostov region - bordering Ukraine's eastern separatist regions.
"I gave all this data to Ukraine's security service, but they still can't get round to analysing it, so do it yourselves," he urged readers on Facebook.
Volunteer activist group Inform Napalm sifted through more than 35 gigabytes of the data and found, external what looked like official reports confirming that Russian military servicemen were among the hundreds of people evacuated to Russia after being wounded in Ukraine.
The Ukrainian Cyber Troops make extensive use of one of the most tried and tested tools in cyber warfare, the distributed denial-of-service (DDoS) attack.
"DDoS attacks are the Ukrainian Cyber Troops' artillery," Mr Dokukin likes saying. Scores of rebel websites were made inaccessible when the Ukrainian Cyber Troops relentlessly bombarded them with fake service requests.
To disrupt separatist funding, they target accounts held by rebels in electronic payment systems such as PayPal and WebMoney.
The Cyber Troops have also hacked into public CCTV systems in rebel-held areas of eastern Ukraine and monitor them for the movement of troops and military hardware.
On 8 December, Yevhen Dokukin claimed to have hijacked network printers in eastern Ukraine and Crimea to print pro-Ukrainian messages and insults against Russian President Vladimir Putin.
Some media reports suggest that Ukraine's security services have used information obtained by hackers to direct artillery fire.
But officials deny this. "We only use data obtained by people we trust and know," Ukrainian military spokesman Oleksiy Dmytrashkivsky told the BBC.
Cyber Berkut
On the other side of the conflict is Cyber Berkut, external, a staunchly anti-Western group which takes its name from the riot police used against protesters during the unrest in Kiev that led to the ousting of President Viktor Yanukovych.
The group's declared goal is thwarting Ukraine's military plans and thus stopping the "genocide" that it accuses Kiev of unleashing at America's behest. Its motto is "We won't forgive or forget", and its rhetoric closely resembles that of Russian state media.
During US Vice-President Joe Biden's visit to Kiev on 20-21 November, Cyber Berkut hacked several Ukrainian government websites, placing a message on their front pages which read: "Joseph Biden is the fascists' master."
Cyber Berkut claims to have retrieved confidential documents from a mobile device used by one member of Mr Biden's team while it was in Kiev. The documents, external appear to detail Washington's military assistance to Ukraine.
Another stunt carried out by Cyber Berkut is the apparent hacking, external of electronic billboards in Kiev, which were made to show a video branding Ukrainian officials and activists "war criminals" and featuring highly graphic images of civilians killed in the current conflict.
They also claim to have disrupted the electronic vote-counting systems ahead of October's parliamentary election in Ukraine, to have leaked Ukrainian defence ministry data on losses and desertions, and to have blocked President Petro Poroshenko's website.
In addition, Russian tabloid Komsomolskaya Pravda , externalquoted a Facebook conversation allegedly hacked by Cyber Berkut, in which Ukrainian officials appear to admit that their forces downed Malaysia Airlines flight MH17.
The claim went largely ignored elsewhere and has never been verified.
Anonymous International
Russian activist group Anonymous International , externalmade its name by publishing leaked documents from the Kremlin. It is otherwise known as b0ltai or Shaltay Boltay, which translates as "Humpty Dumpty".
What is not clear is whether it obtains material through hacking or are given it by Kremlin insiders.
The group focuses on Russia's domestic affairs, but some of its material covers Ukraine.
In November it published a letter, external from a Russian fighter in eastern Ukraine suggesting that locals did not support the separatist forces.
And in May it made headlines leaking what it said were emails, external to and from former Russian FSB colonel Igor Girkin, also known as Strelkov, who was then a key rebel commander in eastern Ukraine.
Access to Anonymous International's website is currently blocked in Russia.
BBC Monitoring, external reports and analyses news from TV, radio, web and print media around the world. For more reports from BBC Monitoring, click here. You can follow BBC Monitoring on Twitter, external and Facebook, external.
- Published21 June 2023