War is not just in the trenches. Russia, in an effort to mobilize its people and protect its services, has published a list of IP addresses and domains it considers to be behind DDoS attacks on its infrastructure.
As the ongoing Russia-Ukraine conflict escalates, the Russian government published on Thursday a huge list of 17,576 IP addresses and 166 domains that it claims are behind a series of DDoS attacks targeting its domestic infrastructure.
Some of the most notable domains in the listing released by Russia's National Computer Coordination Center (NCCCI) are those of the US Federal Bureau of Investigation (FBI) and the Central Intelligence Agency (CIA), as well as the websites of several media outlets such as USA Today, 24News.ge, megatv.ge and the Ukrainian Korrespondent magazine.
As part of its recommendations for dealing with DDoS attacks, and in anticipation of massive cyberattacks on Russian information resources, the Russian government urges organizations to shield their network appliances, enable logging, change passwords associated with key infrastructure elements, disable automatic software updates, disable third-party plugins on websites, keep data backups, and watch out for phishing attacks.
We read in their recommendation (ALRT-20220302.1.pdf), which is in Russian, but you now know how to translate a PDF document:
"Use Russian DNS servers. Use your telecommunications provider's corporate DNS servers and/or DNS servers to prevent the organization's users from being redirected to malicious resources or other malicious activity. If your organization's DNS zone is serviced by a foreign telecommunications provider, transfer it to the Russian Federation Information Center."
What is certain, however, is that the battle will not be fought only on the territory of Ukraine. Developments are unfolding, and the ground war is expected to be complemented by a barrage of cyberattacks in the digital domain, with hacktivist groups supporting both countries hitting the websites of government and commercial entities and leaking collections of personal data.
Ukraine, which has amassed a volunteer "IT army" of civilian hackers from around the world, has set new targets: Belarus's railway network, Russia's GLONASS satellite navigation system and telecommunications operators such as MTS and Beeline.
In a related development, the US Treasury Department stated that it is imposing sanctions on some Russian oligarchs and entities for providing direct and indirect support to the Russian government and for conducting global influence operations "focusing on the divisiveness of social issues in Ukraine."