War is not just in the trenches. Russia, in an effort to mobilize its people and protect its services, has published a list of IPs and domains it considers to be behind DDoS attacks on its infrastructure.
As the ongoing Russia-Ukraine conflict escalates, the Russian government published on Thursday a massive list of 17,576 IP addresses and 166 domains that it claims are behind a series of DDoS attacks targeting its domestic infrastructure.
Some of the most notable domains in the listing released by Russia's National Computer Coordination Center (NCCCI) are those of the US Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), and the websites of several media outlets such as USA Today, 24News.ge, megatv.ge and the Ukrainian Korrespondent magazine.
As part of its recommendations to counter DDoS attacks, and in anticipation of massive cyber attacks on Russian IT resources, the Russian government urges organizations to shield network devices, enable logging, change passwords related to key infrastructure, disable automatic software updates, disable third-party plugins on websites, keep data backups, and watch out for phishing attacks.
The recommendation (ALRT-20220302.1.pdf) is in Russian, but by now you know how to translate a PDF document. In it we read:
"Use Russian DNS servers. Use your telecommunications provider's corporate DNS servers and/or DNS servers to prevent the organization's users from being redirected to malicious resources or other malicious activity. If your organization's DNS zone is serviced by a foreign telecommunications provider, transfer it to the Russian Federation Information Center."
What is certain, however, is that the battle will not be fought only in the territories of Ukraine. Developments are coming, and the ground war is expected to be complemented by a barrage of cyber-attacks in the digital sphere, with hacktivist groups backing both countries hitting government and business websites and leaking collections of personal data.
Ukraine, which has managed to assemble a volunteer "IT army" of civilian hackers from around the world, has set a new list of targets that includes Belarus' railway network, Russia's domestic satellite navigation system GLONASS, and telecommunications operators such as MTS and Beeline.
In a related development, the US Treasury Department stated that it is imposing sanctions on certain Russian oligarchs and entities for providing direct and indirect support to the Russian government and conducting global influence operations "focused on discord over social issues in Ukraine."