Ukraine’s IT army has hit Russia with reciprocal widespread cyber attacks, writes former president of Engineers Ireland Dr Chris Horn.
Just a couple of days after Russia invaded Ukraine in late February, Ukrainian deputy prime minister and the minister for digital transformation Mykhailov Federov appealed to Ukrainians worldwide, professionals and amateurs alike, to join a nascent cyber army: “We have a lot of talented Ukrainians in the digital sphere – developers, cyber specialists, designers, copywriters, marketers. We continue to fight on the cyber front.”
Russia has been attacking Ukrainian digital assets for some time. Prior to the war, and with some exceptions, most attacks were generally relatively short-lived and usually not overly malicious.
Potential impact of full cyber attack
They were instead apparently intended to intimidate and to demonstrate the potential impact of a full cyber attack. Since the outbreak of war, full cyber attacks have been frequent on government and military websites, banking and ATM systems, internet providers, media outlets, energy providers, water chlorination plants, the railway system, and even the Red Cross and border control points administering refugee information.
A deepfake video of President Zelenskyy calling on Ukrainians to lay down their arms has been one of the many disseminations of false government announcements into hacked news feeds and trolled social media channels. A year ago our own HSE was subject to a ransom attack, from which data was painfully recovered. The cyber attacks in Ukraine since February often instead intend to permanently destroy data.
Federov’s IT army has been fighting back with reciprocal widespread onslaughts on Russian digital infrastructure. Apparently the digital defences across Russia are not always particularly strong.
Regional computers across the vast geography of Russia have been found susceptible to providing gateways back into core systems in Moscow. Many nationals worldwide have joined the Ukrainian hacking, leading to UK and US government officials issuing stern warnings to their citizens not to participate.
The cyber war could clearly escalate to lasting and permanent damage to key infrastructure such as power, water, transport and health systems, as well as to central government and military installations. Unofficial actions by citizen activists, not sanctioned by national administrations, could dangerously prompt retaliatory infrastructure attacks in those countries perceived to be assisting Ukraine.
Drones
The Ukrainian citizen IT army goes beyond hacking internet systems. Hobbyists and professionals have also been hacking consumer drones. Drones are now invaluable for military surveillance, including spotting for anti-tank weapons and artillery barrages.
Augmented with off-the-shelf thermal cameras, consumer drones are being flown at night to identify and attack troop positions. Some have been hacked to drop small munitions or become kamikazes.
In previous conflicts, governments have generally kept drone footage as military secrets. Now Russia and Ukraine have been actively promoting video footage from drones to various social media networks as part of their propaganda war and to boost morale.
Ukraine has also been using military-grade drones, and in particular Turkish Bayraktar drones. Turkey, in turn, is in a complex political dance, exporting arms and munitions to Ukraine while simultaneously purchasing advanced missile systems from Russia, which caused the US to drop Turkey from its F-35 stealth fighter programme. Russia used to turn a blind eye to the Ukrainian exports, but is now putting pressure on Turkey to cease.
Russia naturally has its own military-grade drones. The Russian Orlan-10 has been extensively proven in Syria. However, a captured Orlan has been recently disassembled by the Ukrainians. For a no-doubt-expensive military system, it is surprisingly hobbyist in its manufacturing. Velcro strips hold down parts, including both a plastic bottle for holding fuel and an off-the-shelf DSLR from a well-known global consumer brand as its camera.
Consumer drones are limited to flight durations of at most an hour, and operators have to be within a few kilometres and thus close to the battlefield. The relatively unsophisticated military-grade drones operated by both sides also have limited duration and range.
However, Forbes reports that the Biden administration may be about to provide heavy attack MQ-9 Reaper drones to Ukraine, which the US military remotely operate over thousands of kilometres, loitering at length over battle areas and carrying advanced missile systems. These would be a considerable escalation of Ukraine’s capabilities.
Both sides are using electronic warfare to jam the control of drones, and so provide a safe 'bubble' over troop deployments. Advanced systems can scan an area for electronic signal patterns, mimic responses, jam mobile networks and even identify the location of drone operators.
But deploying advanced electronic warfare systems risks their capture and then reverse engineering. A highly sophisticated Russian Krasukha-4 system, which has a thwarting range of more than 200km to aerial threats, was recently seized by the Ukrainians and is now being hacked. No doubt the US is also keen to understand its operations and how, in turn, to counter its counter-measures.
'Imagination is the only weapon in the war against reality' is a grieving truth when surrounded by bloodshed. But imagination in war also drives desperate innovation to overcome.
This article first appeared in The Irish Times on May 4, 2022
Author: Dr Chris Horn, former president of Engineers Ireland, is the co-founder, CEO and chairman of IONA Technologies, industry expert on Irish technology development, trends, and business. As an honorary Doctor of Science from Trinity College Dublin and former TCD lecturer in computer science, Dr Horn is at the forefront of the Irish high-tech debate.