The common definition of Guerrilla Warfare is a form of ‘irregular’ warfare in which small groups of combatants, such as paramilitary personnel, armed civilians, or irregulars, use military tactics including ambushes, sabotage, raids, petty warfare, hit-and-run tactics, and mobility, to fight a larger and less-mobile traditional military. Now enter cyber guerrilla warfare. A Ukrainian cyber guerrilla warfare group is in the process of launching digital sabotage attacks against critical Russian infrastructure such as railways and the electricity grid, to strike back at Moscow over its Ukrainian invasion.
Officials from Ukraine's defense ministry last week approached Ukrainian businessman and a local cybersecurity expert to help organize a unit of cyber hackers to defend against Russia On 1 March 2022, the operation began to organize hacking attacks that would disrupt any infrastructure that helps bring Russian troops and weapons to Ukraine. "Everything that might stop war," the expert said. "The goal is to make it impossible to bring these weapons to our country." Many military and political experts believe these are acts of war from either side.
The Ukrainian group has already downed or defaced dozens of Russian government and banking websites, sometimes replacing content with violent images from the war. He declined to provide specific examples, saying it would make tracking his group easier for the Russians.
Russia calls its actions in Ukraine a "special operation" that it says is not designed to occupy territory but to destroy its southern neighbor's military capabilities and capture what it regards as dangerous nationalists. A Ukrainian defense attache in the US declined to comment on the hacking group or its relationship with the Ukraine defense ministry. This group has so far grown to more than 1,000 Ukrainian and foreign volunteers. The group has already coordinated with a foreign hacktivist organization that carried out an attack on a railway system. The infamous Anonymous group has joined the fray. They are calling their operation #OPRussia.
After word spread of the formation of Ukrainian hacking team, the Belarusian Cyber Partisans, a Belarus-focused hacking team, volunteered to attack Belarusian Railways because they said it was used to transport Russian soldiers. The Cyber Partisans disabled the railway's traffic systems and brought down its ticketing website over last weekend. Last monday, a Cyber Partisans spokeswoman said the group carried out those attacks and confirmed their organization was now working with the Ukraine cyber guerilla group. The spokeswoman said because her group had brought down the reservation system, passengers could only travel by purchasing paper tickets in person. "We fully side with Ukrainians," she said. "They are now fighting for not only their own freedom but ours too. Without an independent Ukraine, Belarus doesn't stand a chance."
Russian foreign ministry spokeswoman Maria Zakharova told a Russian news outlet on 2 March that Russian embassies were allegedly under cyberattack by "cyber terrorists from Ukraine."
Beyond striking back at Russia, the cyber hacking group said its team would help Ukraine's military hunt down undercover Russian units invading cities and towns. They said its group had discovered a way to use cellphone tracking technology to identify and locate undercover Russian military units moving through the country, but declined to provide details. Russian troops are reportedly using commercial cell phones in Ukraine to communicate, multiple media outlets reported.
Since the initiation of the Russian invasion of Ukraine, numerous Russian government websites have been publicly interrupted by reported distributed denial of service (DDoS) style attacks, including one for the office of its President Vladimir Putin.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or firstname.lastname@example.org
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings