When the predator becomes prey: Russia, devastated by cyber attacks

It is believed that hackers in the service of Russia have been behind many large-scale cyberattacks in recent years. Thus, Moscow has become an entity feared by those working in the field of cyber security and beyond.

The war in Ukraine and the inability of the authoritarian state led by Vladimir Putin to launch significant cyber attacks on Ukraine have destroyed some of this myth. They even tried unsuccessfully to shut down the electricity grid to leave millions of people in the dark, according to Eset. Moreover, as a result of this conflict, the “predator” became the “prey.” Russia has been the victim of massive computer attacks, some devastating.

The first significant, highly destructive attack was on the Russian Civil Aviation Authority (Rosaviatsia). The hackers, who claim to be part of the Anonymus group, compromised the organization’s networks and destroyed all data, including backups. In total, Rosaviatsia lost 60 TB of data, and the organization had to switch to pen and paper after the attack.

Anonymus also broadcast, on the frequencies of several state-controlled televisions in Russia, images of the destruction caused by the Russians in Ukraine. Then, the group of hackers Squad 303 in Poland, affiliated with Anonymus, launched a site through which users can send text messages to various phone numbers in Russia. People are encouraged to tell the people there what is really going on in Ukraine. Squad 303 claims to have facilitated the transmission of tens of millions of SMS and messages on WhatsApp.

Read also: A hacker allegedly turned off the Internet in North Korea for revenge

Also at the beginning of the war, several charging stations for electric cars in the Moscow capital were compromised by hackers. Messages such as “Glory to Ukraine”, “Glory to Heroes”, “Death to the Enemy” appeared on their displays, as well as a text, which cannot be reproduced here, against Vladimir Putin. Less sophisticated DDoS attacks on thousands of Russian sites, television stations, government sites or companies followed.

Data on the Internet, possible “gold mines”

Then, in one of the most important incidents, the Security Service of Ukraine (SBU) published on the Internet personal information belonging to 1,600 Russian soldiers who allegedly acted in the area of ​​Bucea. The Russian armed forces are accused of committing war crimes in the area. Another database published on the Internet by the SBU presented the names of 620 alleged employees of the FSB in Moscow, Russia’s most important intelligence service.

In all, hundreds of GB files of Russian citizens’ data appeared on the Internet during the war, along with millions of e-mail addresses. Some analysts believe that the effects of these leaks can be profound. These data could be real gold mines for the press, intelligence agencies around the world and the authorities. Aric Toler, an investigative journalist at Bellingcat, wrote that this information appears to have been combined from previously published databases. It remains to be seen what news the files provided by SBU bring.

At the same time, the group of activists Distributed Denial of Secrets (DDoSecrets) published 360,000 files of Roskomnadzor, the Russian agency that censors the media market. This was followed by, among other things, 62,000 e-mails from an investment firm owned by a Western-sanctioned person, 230,000 e-mails from the Ministry of Culture and 250,000 from the Ministry of Education.

Russia was no longer the target of such operations, as hackers feared possible revenge by the Kremlin. “Honestly, I’ve never seen so much data about Russia before,” wrote Emma Best, co-founder of DDoSecrets.

Sources: Wired, BBC News