The resumption of online vigilantes or hacktivists during the war in Ukraine could be “problematic” for wider security efforts, warned the director of cybersecurity of the US National Security Agency (NSA).

Speaking at the CyberUK conference in Newport yesterday, Rob Joyce of the NSA said the return of hacktivists was a problem for Western countries. The head of the Australian Center for Cyber ​​Security (ACSC) Abby Bradshaw added that these hackers could introduce “extreme unpredictability” for intelligence services and that there was potential for “spillovers and wrongful attribution, retaliation and escalation” of cyber conflict. Even the most well-meaning hacktivists have the potential to cause greater security problems for the community, experts said Technical monitor.

NSA cybersecurity chief Rob Joyce is concerned about the rise of hacktivism during the war in Ukraine. (Photo by David Paul Morris / Bloomberg via Getty Images)

Hacktivism in the war in Ukraine

Russia’s invasion of Ukraine has sparked a wave of online activists vigilant on both sides of the conflict. Two days after the start of the war, Ukraine’s Minister of Digital Transformation, Mikhail Fedorov, called on anyone with “digital talents” to join what he described as the “IT army”. A Telegram group set up for the initiative quickly had more than 34,000 members.

This prompted many Russian criminal gangs, including software groups such as Conti, to publicly declare their support for Russia, while the hacking group Anonymous soon pledged allegiance to Ukraine.

Bradshaw of the ACSC added that the scale of hacktivism was a cause for concern, with reports of up to 300,000 hackers coming to Ukraine’s aid. Joyce of the NSA acknowledged that those helping Ukraine were “trying to do noble things”, but said that in the end the behavior was “problematic”.

Content from our partners
How businesses can best prepare for the digitization of finance

How AI can enable Middle East energy operators to deliver Oil & Gas 4.0

How should businesses get out of their data center?

Why is hacktivism in Ukraine potentially dangerous?

The problem is that hacktivists’ actions often make it difficult to accurately assess who carried out the cyber attack, explains Chris Morgan, a senior cyber intelligence analyst at Digital Shadows. “The boundaries between state-owned cybercriminals and hacktivists are becoming even more blurred as the war further distorts the exact motivation of those involved in cyber threats,” he said.

It is possible that the hacktivist attack was misinterpreted as something committed by a nation state, he continued. This “could lead to revenge attacks and significantly increase the cyber risk associated with the conflict in Ukraine.”

The unpredictability of the hacktivists makes the effects of their attacks difficult to control, said Toby Lewis, global head of threat analysis at security company Darktrace. “With hacktivism, which aims to be destructive, such as DDoS, Wiper attacks and ransomware, it is always possible for other cyber operations to be interrupted unintentionally,” Lewis said. “For example, an intelligence agency that has infiltrated an asset for many months may be denied access by even the most well-meaning activist group targeting the same asset.”

There are also shortcomings for the hacktivists themselves, says Jawvad Malik, a leading advocate for security awareness on the Knowbe4 security training platform. “People involved in hacktivism can be exposed, which can lead to personal consequences,” he said. “When Anonymous was active, he encouraged supporters to download and use Low Orbit Ion Canon (LOIC) to launch DDoS attacks against websites. Many of the participants in this activity were easily identified and subsequently charged with cybercrime activities. “

Western countries must set an example of hacktivism

Joyce of the NSA and Lindy Cameron, head of the National Cybersecurity Center of the United Kingdom (NCSC), told the conference that Western countries must set an example if they want others to behave legally in cyberspace. I look at the way we try to hold bad actors accountable in other nations and I look at the threats coming from Western Europe, America and others and I say ‘we have to be good international citizens in the cyber arena, in the way we ask to behave too, “Joyce said.

Read more: Fake EDRs help hackers target cybersecurity researchers

Ukraine hacktivism ‘problematic’ for security teams says NSA cyber chief

Previous articleRansomware is a threat to national security, so please tell us about the attacks, the government says
Next articleCheck out the steps to redeem today’s free codes