Experts say ‘hacktivist’ cyber disruption could spread to Russia

A cyberattack by a group called the Belarusian Cyberpartisan (BCP) on January 24 briefly disrupted Belarusian railway systems, threatening to cripple trains carrying Russian troops and artillery into the country.

The attack, which was part of a larger project by the group to target state institutions and the regime of longtime leader Alexander Lukashenko, could be a sign of more cyber tactics to come by militants in the region at large, including Russia, experts said.

“The BCP was so spectacular and effective that I could definitely see a few other groups popping up in the area,” Gabriella Coleman, a professor of anthropology at Harvard University and author of two books on hacking, told the Moscow Times.

The number of hacktivist groups – activists who use technology to effect social change – has increased across Russia in recent years, and with repressions on public events spanning the entire post-Soviet region, cyberspace is perhaps the safest place for collective discord.

“In Russia there is clearly a highly skilled technical class, and there is disaffection, so one would expect to find at least a small pocket of hacktivism,” Coleman added.

The hacktivists’ tactics, which have been popularized by the Anonymous group over the past decade, have been responsible for a string of high-profile attacks across Russia, including a series of ‘hacks and leaks’ by the cybergroup Shaltai Boltai – meaning Humpty Dumpty in English – which exposed Kremlin tactics during the annexation of Crimea in 2014.

According to experts, an overabundance of technical specialists in Russia and the absence of a significant technology sector to employ them tend to attract those who feel disenfranchised into the world of hacktivism. But many other would-be hacktivists end up becoming hackers.

“There’s so much money to be made in illegal piracy,” Coleman said.

Additionally, an alleged tacit agreement between cybercriminals and the state has historically allowed hackers to operate with relative impunity in Russia, provided they do not operate in the .ru domain.

A Times of London report last year detailed how two of Russia’s most notorious hackers, Evil Corp’s Maksim Yakubets and Igor Turashev, lead lavish lives in Russia despite being behind the creation and distribution of malware used to steal over $100 million from banks, charities and financial institutions in the last decade.

While a spate of cyberattacks, including one that targeted 70 Ukrainian government websites last week, suggests that cyberattacks are increasingly part of Putin’s playbook, the decision to institutionalize these skills means that captured pirates are seen as a potential asset to state security, as opposed to a threat.

“It could be that potential hacktivists end up working for the state,” Coleman said, adding that it’s also worth noting that Russia is better equipped than Belarus to deal with cyber threats.

The BCP has set out to denounce the outdated institutions chaired by Lukashenko, said Yulia Shemetovets, spokeswoman for the group.

“Many entities don’t even use licensed software; they use old computers and the regime does not invest enough money in this infrastructure,” she told the Moscow Times.

In contrast, Russia promised 28 billion rubles ($362 million) to cybersecurity in 2020, building a number of “cyberpolygons” across the country to expand its cybersecurity training and education programs.

However, as Coleman pointed out, “Security at all levels is still not good enough. There are so many weak links.”

Government institutions

According to an October report in the business daily Vedomosti, 16% of cyberattacks in Russia are carried out by hacktivists, with one in five cyberattacks being carried out against government institutions.

While many of them are quickly thwarted, Oleg Skulkin, head of the digital forensics and incident response team at cybersecurity firm Group-IB, told the Moscow Times that the threat of hacktivism should not be neglected.

“The threat of hacktivism should not be underestimated. They are also cybercriminals, it’s just that their motivation is different. Their actions can cause as much damage as attacks carried out by traditional cybercrime. As can be seen, they can use the same methods and use the exact same tools,” Skulkin said.

Although hacktivism is not as big of a threat to the cyber community as financially motivated hackers, organizations are more likely to regain control of the server when money can be used as a bargaining chip. If hacktivists are targeting you, there’s little you can do but submit to their demands, he said.

“The high-risk nature of hacktivism and the fact that you need skills means you’ll never see a real mass movement in hacking,” Coleman said. That doesn’t mean it can’t be used as an important tool for the political opposition, however, she added.

“It’s something that’s recently entered the cultural imagination,” Coleman said, “the BCP isn’t the first to use sabotage, but it’s the first to be well organized and execute it very deliberately. I think they do sincerely believe that these tactics can be successfully deployed.”