Ukraine’s Minister of Digital Transformation called late Saturday (January 26) for the creation of an “IT army”, posting a list of Russian companies and organisations and urging hackers to attack them. Mykhailo Fedorov made the announcement on a new dedicated Telegram channel that attracted 96,000+ subscribers within hours.
A government, however embattled, calling for people to launch cyber-attacks on banks, oil companies and pension funds, among other targets, is arguably a “first” — despite cyberspace having been recognised as a domain of operations militarily by organisations including NATO for some years now.
“For all IT specialists from other countries…. Task # 1 We encourage you to use any vectors of cyber and DDoS attacks on these resources,” the Ukraine IT Army page said, naming 31 Russian organisations.
Those tempted may want to exercise caution.
Telegram, a messaging service/social media platform hybrid founded by a Russia-born entrepeneur is not end-to-end encrypted (E2EE) by default; this is only enabled via the “secret chats” function which does not include group chats. Despite its popularity it seemed like an unusual choice for the late-in-the-hour call to arms to an international community that includes many information security professionals visibly fraught at impotence in the face of the war. (Many of Ukraine’s own expansive IT community have had to pick up physical weapons.)
It comes two days after local hacker forums also saw posts appear calling for help with cyber-defence of the country. One Ukrainian cybersecurity company founder told Reuters that they wrote one post at the request of a senior Defense Ministry official who contacted them on Thursday. Another person directly involved in the effort confirmed to the newswire that the request came from the Defense Ministry on Thursday morning.
Tempting though the Ukraine IT Army proposition may be for some hackers amid Russia’s war of aggression, security researchers urged caution in a “terrain” no doubt being carefully monitored by multiple nation states and with Russia having its own highly skilled threat groups (and a track record of poisoning people with exotic substances.)
Earlier evidence meanwhile had suggested extensive Russian geofencing of some key websites. Many on the target list posted by Fedorov today were intermittently unavailable not long after his call to arms on Twitter.
German IT Lawyer Chan-jo Jun was among those urging caution, noting on Twitter: “War is not a blanket justification for crimes.”
(IT infrastructure often has complex dependencies. DDoS attacks may route through ISPs and potentially impact infrastructure hosting other critical infrastructure not associated with Russia’s leaders.)
Ukraine’s Minister of Digital Transformation has also been urging Elon Musk to support the country by providing satellite internet amid the risk that Ukraine’s internet connectivity could be disrupted. Late Saturday Fedorov got the response from the Tesla and Starlink founder late Saturday that “Starlink service is now active in Ukraine.
Musk added: “More terminals en route.”
The Starlink satellite-based broadband service requires terminal installations to work. The decision by Musk comes several days into a way that has seen the capital come under heavy fire; Kyiv is currently under a strict curfew. It may be a challenging time for people to set up the phase-array antennas ther service needs to function.