What happens in the hacker war between Russia and Ukraine

13 May 20222 years ago babelfish

Facts and insights on the war, including hackers, between Russia and Ukraine. The article by Giuseppe Gagliano

Since the Russian invasion of Ukraine on February 24, hacker groups in both countries have also waged cyber warfare. To date, several key cyberspace infrastructures in both Russia and Ukraine have already been targeted by cyberattacks and government sites are routinely decommissioned. In mid-March, more than 300,000 hacktivists joined Ukraine to fight Russia in cyberspace. Anonymous also declared a "cyber war" on Russia the day after its invasion of Ukraine. The group regularly makes announcements about its activities.

This week Russian media reported that Ukrainian hacktivists attacked the vodka supply chain in Russia. According to the information available on the subject, the law requires producers and distributors of alcohol to register their shipments on the EGAIS portal. But several industry entities reported this week that DDoS attacks carried out by Ukrainian hacktivists took the site out of service on May 2 and 3. The breakdown would affect not only the distribution of the vodka.

Government sources quoted by some local media claim that the site is functioning normally and that any excessive waiting time is simply due to high demand. However, one company, Fort, was unable to offload approximately 70% of its invoices to EGAIS due to bankruptcy.

This would have caused saturation in several warehouses in Russia. EGAIS informed its partners of the system failure and ensured that things returned to normal the next day. Although the portal began to function partially, the attack caused the supply of products to retailers and restaurants to be interrupted. According to local media, the “egais.ru”, “service.egais.ru” and “check.egais.ru” domains have been listed on the Telegram channel of Ukraine “IT Army of Ukraine. This is a hacking initiative coordinated by the Ukrainian government.

As part of this initiative, prominent Russian sites are listed as targets, and volunteer hackers to help Ukraine fight Russian Internet infrastructure are invited to attack them via denial of service. In the past, this initiative has led to the closure of the Moscow Stock Exchange website. The extent of the damage and disruption these attacks cause to the Russian state is currently unknown, but according to experts, the initiative occasionally has propaganda value for Kiev.

Igor Kosarev, representative of Ladoga vodka, said the company has a backlog of more than 1,500 files to upload, predicting there will be delays until the situation normalizes. While this delay doesn't have a negative effect on the May 9 celebrations, some wineries officials are concerned. For example, Alexander Lipilin, director of the Beluga group, confirmed that sales to end consumers remain unchanged. If the failure lasts longer than expected – or if other DDoS attacks compromise the EGAS infrastructure – there is likely to be a shortage of vodka and other alcoholic beverages.

Beluga is the largest alcoholic beverage producer in Russia. Other sources reported that the disBalancer group offers its “Liberator” tool to carry out DDoS attacks against propaganda sites or sources contributing to the Russian invasion. The application is available for Windows, macOS and Linux. Although Liberator may amplify hacking attacks on Russia, Avast researchers report that its use is unsafe. "The analysis of one of these tools shows that it is not safe, because it collects personal data that can identify users," they mention.

“This data includes IP address, country code, city, location derived from IP address, username, hardware and system configuration. The simple and easy-to-use tools shared by these initiatives can pose a risk to the privacy and security of the person who downloads them, ”they say. In addition to disBalancer and Anonymous, other groups take pride in hacking Russian government offices and systems in response to the invasion of Ukraine.

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/mondo/russia-ucraina-guerra-informatica/ on Thu, 12 May 2022 06:42:13 +0000.