War is not just in the trenches. Russia, in an effort to mobilize its people and protect its services, has published a list of IPs and Domains it considers to be attacking its DDoS infrastructure.
As the ongoing Russia-Ukraine conflict escalates, the Russian government published on Thursday a massive list of 17.576 IP addresses and 166 domains that it claims are behind a series of attacks DDoS, targeting its domestic infrastructure.
Some of the most notable domains in the listing released by Russia's National Computer Coordination Center (NCCCI) are the US Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), and the websites of several media outlets such as the USA. Today, 24News.ge, megatv.ge and the Ukrainian Korrespondent magazine.
As part of the Russian government's recommendations for dealing with DDoS attacks, but also in anticipation of massive cyberattacks on Russian information resources, it urges organizations to shield their Appliances δικτύου, να ενεργοποιήσουν την καταγραφή, να αλλάζουν κωδικούς πρόσβασης που σχετίζονται με βασικά στοιχεία υποδομής, να απενεργοποιήσουν τις αυτόματες ενημερώσεις λογισμικού, να απενεργοποιήσουν προσθήκες τρίτων σε ιστότοπους, να κρατούν αντίγραφα ασφαλείας δεδομένων, και να προσέχουν για επιθέσεις phishing.
We read in their recommendation (ALRT-20220302.1.pdf), which is in Russian but you know now how to make a pdf document translation:
"Χρησιμοποιήστε ρωσικούς διακομιστές DNS. Χρησιμοποιήστε τους εταιρικούς διακομιστές DNS ή/και τους διακομιστές DNS του παρόχου τηλεπικοινωνιών σας για να αποτρέψετε την ανακατεύθυνση των χρηστών του οργανισμού σε maliciousυς πόρους ή άλλη κακόβουλη δραστηριότητα. Εάν η ζώνη DNS του οργανισμού σας εξυπηρετείται από ξένο τηλεπικοινωνιακό πάροχο, μεταφέρετέ την στον χώρο πληροφοριών της Ρωσικής Ομοσπονδίας."
What is certain, however, is that the battle will not be fought only on the territory of Ukraine. The developments are coming and it is expected that the ground war will be complemented by a barrage of cyberattacks in the digital domain, with hacktivist groups supporting both two countries, to hit websites of government and commercial entities and to leak collections personal data.
Ukraine, which has amassed a volunteer "IT army" of civilian hackers from around the world, has set a new target for Belarus's railway network, Russia's GLONASS satellite satellite navigation system and telecommunications operators such as MTS and Beeline.
In a related development, the US Treasury Department stated that imposes sanctions to some Russian oligarchs and entities, to provide direct and indirect support to the Russian government and to conduct global influential operations "focusing on the divisiveness of social issues in Ukraine."