War is not just in the trenches. Russia in an effort to rally its world and protect its services has published a list of IP and Domains that it believes its infrastructure is being DDoS attacked.
As the ongoing Russia-Ukraine conflict escalates, the Russian government published on Thursday a huge list of 17.576 IP addresses and 166 domains that it claims are behind a series of DDoS attacks targeting its domestic infrastructure.
Some of the most notable domains in the listing released by Russia's National Coordination Center for Computer Incidents (NCCCI), are the Federal Bureau of Investigation of USA (FBI), the Central Intelligence Agency (CIA), and websites of several media outlets such as USA Today, 24News.ge, megatv.ge, and Ukraine's Korrespondent magazine.
As part of the Russian government's recommendations for dealing with DDoS attacks, but also in anticipation of massive cyber attacks on Russian IT resources, it urges organizations to shield network devices, enable logging, change passwords accesss related to key infrastructure components, disable automatic software updates, disable third-party plugins on websites, keep data backups, and watch out for phishing attacks.
We read in their recommendation (ALRT-20220302.1.pdf), which is in Russian but you know now how to make a pdf document translation:
"Use Russian DNS servers. Use your telecommunications provider's corporate DNS servers and / or DNS servers to prevent the organization's users from being redirected to malicious resources or other malicious activity. If your organization's DNS zone is serviced by a foreign telecommunications provider, transfer it to the Russian Federation Information Center. "
What is certain, however, is that the battle will not be fought only in the territories of Ukraine. Developments are coming and the ground war is expected to be complemented by a barrage of cyber-attacks in the digital sector, with hacktivist groups backing both countries hitting government and business websites and leak collections personal data.
Ukraine, which managed to assemble a volunteer “army information technologyς» αμάχων χάκερ από όλο τον κόσμο, έθεσε ένα νέο σύνολο στόχων που περιλαμβάνει το σιδηροδρομικό network of Belarus, Russia's domestic navigation satellite system GLONASS and telecommunications operators such as MTS and Beeline.
In a related development, the US Treasury Department stated that imposes sanctions to some Russian oligarchs and entities, to provide direct and indirect support to the Russian government and to conduct global influential operations "focusing on the divisiveness of social issues in Ukraine."
