Joe Tidy – Cybersecurity Reporter

posted on 03/20/2022 14:25



(credit: BBC)

The collective of hackers and cyber activists Anonymous has been bombarding Russia with cyber attacks since it declared “cyber warfare” on President Vladimir Putin in retaliation for the invasion of Ukraine.

Several people operating under that banner spoke to the BBC report about their motivations, tactics and plans.

Of all the cyber attacks carried out since the beginning of the conflict in Ukraine, an action by Anonymous on Russian TV networks stands out.

The attack was captured in a short video showing normal programming interrupted with footage of bombs going off in Ukraine and soldiers talking about the horrors of the conflict.

The video began circulating on February 26 and was shared by Anonymous social media accounts with millions of followers. a post on Twitter carried a message that, translated, reads like this: “State #Russian TV channels were hacked by #Anonymous to broadcast the truth about what happens in #Ukraine”.

It quickly racked up millions of views.

BBC The video was sent to a woman in the US, Eliza, by her father in Russia.



The case has all the hallmarks of an Anonymous action – dramatic, impactful and easy to share online. Like many of the group’s other cyberattacks, it was also extremely difficult to verify.

But one of Anonymous’s smaller hacker groups said they were responsible and that they took over the TV services for 12 minutes.

The first person to post the video was also able to verify that it was real. Eliza lives in the United States, but her father is Russian and called her when her TV shows were interrupted. “My dad called me when it happened and said, ‘Oh my God, they’re showing the truth!’ So I got him to record it and posted the video online. He says one of his friends saw it happen too.”

Rostelecom, the Russian company that manages the hacked services, did not respond to requests for comment in the report.

The hackers justified their actions by saying that innocent Ukrainians were being massacred. “We will intensify the attacks on the Kremlin if nothing is done to restore peace in Ukraine,” they added.

Anonymous says it has also taken down Russian websites and stolen government data, but Lisa Forte, a partner at cybersecurity firm Red Goat, says most of these attacks so far have been “pretty basic.”

Hackers have primarily used DDoS attacks, where a server is overwhelmed by a flood of requests, she explained. These are relatively simple to perform and only take sites offline temporarily.

“But the TV cyberattack is incredibly creative,” she said, “and I think very difficult to pull off.”

Who is Anonymous?

The collective of hackers and cyber activists (or ‘hacktivists’) emerged in 2003 from the website 4chan

The group has no leadership, its slogan is “we are legion”

Anyone can claim to be part of the group and hack for whatever cause they want, but they usually attack organizations accused of misuse of power.

His symbol is a Guy Fawkes mask, made famous by Alan Moore’s V for Vendetta, in which an anarchist revolutionary overthrows a corrupt fascist government.

The group has many social media accounts with 15.5 million followers on their Twitter pages alone.

Anonymous hackers also defaced Russian websites. Lisa Forte says this involves gaining control of a website to change the content displayed.

So far, the attacks have caused disruption and embarrassment, but cyber experts are increasingly concerned about the explosion of cyber activism since the hack.

They are concerned that a hacker could accidentally bring down a hospital’s computer network or disrupt essential communication links, for example.

“I’ve never seen anything like it,” says Emily Taylor of Cyber ​​Police Journal. “These attacks carry risks. [Eles] could lead to an escalation, or someone could accidentally cause real damage to a fundamental part of civilian life”.

The Anonymous collective hasn’t been this active in years.

Roman, a Ukrainian tech entrepreneur who leads a hacking group called Stand for Ukraine, had no ties to the organization until Russia invaded his country.

But he told me that when he and his team briefly defaced the website of Russian state news agency Tass with an anti-Putin poster, they included an Anonymous logo.

Roman works from his sixth-floor apartment in Kiev, coordinating his team as they create websites, Android apps, and Telegram bots to aid the Ukraine war effort and hack Russian targets.

Roman Roman at work: “Sometimes I see rockets in the sky”



“I’m ready to take a rifle across Ukraine, but right now my skills are better used on the computer. So I’m here at home with my two laptops, coordinating this IT resistance.”

He says his group shut down a Russian regional train ticket service for several hours, although the BBC was unable to verify this information.

He defends his actions by saying, “These things are illegal and wrong until there is a threat to you or your relative.”

Another group that merged with Anonymous is a Polish team of hackers called Squad 303, named after a famous Polish fighter squadron in WWII.

“We worked together with Anonymous all the time and I now consider myself a member of the Anonymous movement,” says one member of the group, who uses the name of WWII pilot Jan Zumbach as a nickname.

He asked that his photo not be published. Another member of his team, a Ukrainian, uploaded a photo of himself in a helmet and mask. He described his situation as “on the barricade with a rifle during the day and hacking with Squad/Anonymous at night”.

Squad 303 has built a website that allows the public to text random Russian phone numbers, telling them the truth about the war. They claim to have made it possible to send over 20 million SMS and WhatsApp messages.

Two Anonymous groups I spoke to cited this as the most impactful thing the collective has done so far for Ukraine.

Asked how he justified the Squad’s illegal activity, Jan Zumbach said they didn’t steal or share any private information and were just trying to talk to the Russians, with the aim of winning the information war.

However, he also said that they were planning a more impactful hacking attack in the coming days.

Similar groups in Russia are also carrying out cyberattacks against Ukraine, but apparently on a smaller scale.

There have been three major waves of coordinated DDoS attacks against Ukraine since January, as well as three incidents of more serious “wiper” attacks that deleted data on a small number of Ukrainian computer systems.

On Wednesday (16/3), a manipulated video of the Ukrainian president appeared on the website of TV channel Ukraine 24 after an apparent invasion.

In today’s environment, however, it is difficult to know exactly who is behind any cyberattack.

“Anonymous’s Achilles heel is that anyone can call themselves Anonymous, including state actors who operate against what we fight for,” says former Anonymous hacker Anon2World.

“With our current rise in popularity, it is (almost) certain that there will be obvious repercussions from a government entity. As for increasing chaos, we are used to chaos, especially online.”

