Russia's invasion of Ukraine it happens online and offline, combining physical destruction with escalating digital warfare. Ransomware gangs and other hacker groups report on social media, which country they support.
Many of the groups' announcements also contain threats against critical government infrastructure. Some of these groups are funded by the state, while others are autonomous. But they are all capable of crashing computer systems and disrupting organizations.
It is now inevitable that any military action will involve the so-called "Cyberpatriots" with the perceived enemy either of their own free will or under the guidance of their government. "Some of these groups, such as Anonymous, which launches DDoS attacks, cause only minor inconveniences, but there are others that could be catastrophic," said Allan Liska, ransomware specialist at Recorded Future.
"Ransomware groups, for example, may decide to focus on attacking their country's enemies to create a major upheaval. "More specialized teams can cause more damage."
Liska warned that the Sandworm and UNC1151 teams are causing concern as they have particular capabilities.
They are allied with Ukraine
Anonymous They announced a "formal cyber war against the Russian government." The group later announced on Twitter that it was targeting the Russian-controlled international television network RT and "destroyed the website of the Russian propaganda station RT News."
The Anonymous collective is officially in cyber war against the Russian government. #Anonymous # Ukraine
- Anonymous (@YourAnonOne) February 24, 2022
Ghostsec - They also announced their support for Ukraine. The group is also known as Ghost Security. It considers itself a "vigilance" group and was originally created to target ISIS websites that preach Islamic extremism. Ghostsec is commonly referred to as a branch of Anonymous.
They are allied with Russia
Accounts Full support in Russia "If someone decides to launch a cyber attack or any military activity against Russia, we will use all our resources to hit the critical infrastructure of the enemy." The Conti ransomware gang is extremely sophisticated and known as the first group to exploit the vulnerability Log4Shell.
The Conti #ransomware operation sides with Russia and threatens attacks on critical infrastructure. pic.twitter.com/L8E7lEW1MJ
- Brett Callow (@BrettCallow) February 25, 2022
The team "UNC1151Minsk-based Russia backs Russia The group is considered to be funded by Belarus and members of the group are officers of the Ministry of Defense of the Republic of Belarus.
SandWorm - Supports Russia. The group, known for its recent Cyclops Blinks malware, is made up of state-funded Russian hackers.
The Red Bandits - Supports Russia. On February 22, the team wrote on Twitter: "We understand @UkrainePolice Dashcams and we're watching them. "If Ukraine does not do what #Russia wants, we will escalate our attacks to cause panic."
The group has been described as a cybercrime group by Russia, but is believed to be the Russian intelligence service.
https://twitter.com/RedBanditsRU/status/1495986961760370689
Coming project - Alliance with Russia. The international team announced today that it will assist the Russian government in the event of a cyber attack against Russia.
The domino effect of hacker announcements prompted the Ministry of Defense of Ukraine to send a message in the Ukrainian hacker community. The message was a call to action that encouraged Ukrainian hackers to gather in a mission to protect the nation's critical infrastructure.