IT Army of Ukraine

Cyberwarfare volunteer group

IT Army of Ukraine
IT-армія України
Active26 February 2022–present[1]
Country Ukraine
BranchCyberwarfare
Size~1000 Ukrainian and foreign volunteers (3 march)[2]
Websiteitarmy.com.ua
Military unit

The IT Army of Ukraine (Ukrainian: IT-армія України) is a volunteer cyberwarfare organisation created at the end of February 2022 to fight against digital intrusion of Ukrainian information and cyberspace after the beginning of the Russian invasion of Ukraine on February 24, 2022.[1][3] The group also conducts offensive cyberwarfare operations, and Chief of Head of State Special Communications Service of Ukraine Victor Zhora said its enlisted hackers would only attack military targets.[4]

Formation

On 26 February 2022, the Minister of Digital Transformation and First Vice Prime Minister of Ukraine, Mykhailo Fedorov announced the creation of the IT Army, which is mainly coordinating its efforts via Telegram and Twitter.[5][6]

According to Reuters, the Ukrainian government asked for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops. Yegor Aushev, the co-founder of a Ukrainian cybersecurity firm Hacken,[7] wrote, "Ukrainian cybercommunity! It's time to get involved in the cyber defense of our country," asking hackers and cybersecurity experts to submit an application listing their specialties, such as malware development and professional references.[8]

Aims

The volunteers who joined the group are divided into offensive and defensive cyber units. While the offensive volunteer unit would help Ukraine's military conduct digital espionage operations against invading Russian forces, the defensive unit would be employed to defend infrastructure such as power plants and water systems.[1]

The Ukrainian government used Twitter and Telegram to share a list of Russian and Belarusian targets for the army to attack.[9] Russian ransomware operators responded by offering their assistance to counter the Ukrainian effort.[10]

Activities

  • Fedorov requested the assistance of cyber specialists and tweeted a Telegram with a list of 31 websites of Russian business and state organizations.[11][12][5]
  • On 28 February 2022, the IT Army hacked the website of the Moscow Stock Exchange. The IT Army posted that it had taken them only five minutes to render the website inaccessible.[13][14][15]
  • On the same day, the IT Army hacked the website of Sberbank, the largest bank in Russia. The IT Army had also launched attacks on other Russian and Belarusian sites, including the government websites of Russia and Belarus, the FSB and the Belarusian state news agency BelTA, among others.[12][16]
  • According to Reuters, the group targets Russian power grids and railways to prevent Russian infrastructure from reaching Ukraine.[2] This included technologies such as GLONASS.[2]
  • Eight hundred Russian websites, including Roscosmos, were attacked by the IT Army, from June 27 to July 10. They posted congratulatory messages to Ukrainian Constitution Day on those websites. Besides that, distributed denial of service attacks carried out by the IT army has crippled Russian ability to work on some CRM systems for extended periods.[17]
  • Ministry of Digital Transformation reported about cyberattacks on over 6000 of Russian web resource in the period from February 26 to July 30.[18]
  • In September 2022 the group had reportedly collaborated with Anonymous to commit cyberattack against Yandex Taxi's systems, causing a traffic jam in Moscow.[19]
  • The group claimed to have hacked the website of Wagner group and stolen its personal data. On the defaced website, photos of dead soldiers were shown.[20]
  • On Oct 7th, the IT Army hacked the website of the Collective Security Treaty Organization (CSTO), through which they congratulated the Russian president on his birthday.[21]

References

  1. ^ a b c Schectman, Joel; Bing, Christopher (25 February 2022). "EXCLUSIVE Ukraine calls on hacker underground to defend against Russia". Reuters. Retrieved 3 March 2022.
  2. ^ a b c Schectman, Joel; Bing, Christopher; Pearson, James (2 March 2022). "Ukrainian cyber resistance group targets Russian power grid, railways". Retrieved 3 March 2022.
  3. ^ Todd, Drew (25 February 2022). "Anonymous Hacking Group Targets Russian Government". Retrieved 3 March 2022.
  4. ^ "Ukraine cyber official: We only attack military targets". The Independent. 4 March 2022. Retrieved 16 March 2022.
  5. ^ a b Pearson, James (27 February 2022). "Ukraine launches 'IT army,' takes aim at Russian cyberspace". Reuters. Retrieved 3 March 2022.
  6. ^ "Anonymous and IT Army shut down more than 2,400 Russian websites". Fonetech.
  7. ^ "Kyiv's hackers seize their wartime moment". POLITICO. 10 March 2022. Retrieved 12 July 2022.
  8. ^ "Russia partially restricts access to Facebook to 'protect Russian media'". the Guardian. 25 February 2022. Retrieved 12 July 2022.
  9. ^ "Is a Russian cyberwar coming?". The Washington Post. 7 March 2022. Retrieved 16 March 2022.
  10. ^ "Russian ransomware gang threatens countries that punish Moscow for Ukraine invasion". Politico.
  11. ^ ""IT army of Ukraine 2022"". Telegram. Retrieved 3 March 2022.
  12. ^ a b Goodin, Dan (1 March 2022). "After Ukraine recruits an "IT Army," dozens of Russian sites go dark". arstechnica.com. Retrieved 3 March 2022.
  13. ^ Uberti, David (28 February 2022). "Hackers Target Key Russian Websites". The Wall Street Journal.
  14. ^ Coble, Sarah (28 February 2022). "Moscow Exchange Downed by Cyber-Attack". Infosecurity Group. Retrieved 3 March 2022.
  15. ^ ""Disabled in 5 minutes": Ukrainians hack Moscow Stock Exchange". pravda.com.ua. 28 February 2022. Retrieved 3 March 2022.
  16. ^ Mott, Nathaniel (27 February 2022). "Ukraine Enlists Hackers in 'IT Army' Targeting Russia, Belarus". pcmag.com. Retrieved 3 March 2022.
  17. ^ "IT army attacks over 800 Russian websites in two weeks - Ministry of Digital Transformation". www.ukrinform.net. Retrieved 12 July 2022.
  18. ^ "За 5 місяців ІТ-армія України вивела з ладу понад 6000 ресурсів рф" (in Ukrainian). 1 August 2022.
  19. ^ "L'attacco hacker a un'app di taxi ha gettato Mosca nel caos". Wired Italia (in Italian). 5 September 2022. Retrieved 25 September 2022.
  20. ^ "Pro-Ukraine Hacktivists Claim to Have Hacked Notorious Russian Mercenary Group". www.vice.com. Retrieved 25 September 2022.
  21. ^ "Ukrainians hacked the site of the Collective Security Treaty Organization (ОДКБ)". zoznam.sk. Retrieved 8 October 2022.

External links

  • Official website Edit this at Wikidata
  • IT Army of Ukraine on Telegram Edit this at Wikidata
  • v
  • t
  • e
BackgroundMain eventsImpact and reactionsCyberwarfareMediaRelated
  • Category
  • v
  • t
  • e
Overview
General
Prelude
Background
Foreign relations
Southern Ukraine
Eastern Ukraine
Kyiv
Northeastern Ukraine
Russian occupations
Ongoing
Previous
Strikes on military targets
Potentially related incidents
Other
General
Attacks on civilians
Attacks on prisoners of war
Legal cases
States and
official entities
General
Ukraine
Russia
United States
Other countries
United Nations
International
organizations
Other
Public
Protests
Companies
Technology
Other
Impact
Effects
Human rights
Terms and phrases
Popular culture
Key people
Ukraine Ukrainians
Russia Russians
Other
  • Category
  • Commons
  • Meta-Wiki
  • v
  • t
  • e
Hacking in the 2020s
← 2010s Timeline 2030s →
Major incidents
2020
2021
2022
Groups
Individuals
Major vulnerabilities
publicly disclosed
Malware
2020
2022