When the world gets closer.

We help you see farther.

Sign up to our expressly international daily newsletter.

Already a subscriber? Log in .

You've reached your limit of one free article.

Get unlimited access to Worldcrunch

You can cancel anytime .


Exclusive International news coverage

Ad-free experience NEW

Weekly digital Magazine NEW

9 daily & weekly Newsletters

Access to Worldcrunch archives

Free trial

30-days free access, then $2.90
per month.

Annual Access BEST VALUE

$19.90 per year, save $14.90 compared to monthly billing.save $14.90.

Subscribe to Worldcrunch
FOCUS: Russia-Ukraine War

How Pro-Ukrainian Hackers Have Undermined Russia's War Every Step Of The Way

Authorities in Moscow continue to struggle to stem the tide of data breaches from hackers inside and outside Ukraine, who have been one of the unsung heroes in the resistance to the Russian invasion.

Screenshot of a masked Ukrainian "hacktivist"

A masked Ukrainian "hacktivist" in a video posted by hacking groups Falcons Flame and Trinity

Falcons Flame and Trinity YouTube screenshot
Lizaveta Tsybulina

Updated Nov. 20, 2023 at 5:45 p.m.

It was a concerted effort that began with Russia's Feb. 24, 2022 full-scale invasion, and has not relented since: pro-Ukrainian hackers have been targeting Russian government agencies and businesses, gathering secret information and passing it on to the Ukrainian security and intelligence forces.

Discrepancies exist in total reported breakthroughs and leaks obtained over the past 20 months. This year so far, Roskomnadzor, Russia’s digital watchdog, identified 150 major leaks, while Kaspersky Lab, a Russian cybersecurity firm, reported 168 leaks, totaling about 2 billion lines of data, including 48 million with top secret passwords.

Stay up-to-date with the latest on the Russia-Ukraine war, with our exclusive international coverage.

Sign up to our free daily newsletter.

Following the Russian invasion, a substantial number of hackers worldwide expressed solidarity with Ukraine, and took action. "My colleagues and I operate under the principle that 'if it can be hacked, then it needs to be hacked,'” said a representative of the Cyber.Anarchy.Squad group. “We believe in targeting anything accessible, especially if it's significant to defeating the enemy."

“BlackBird,” one of the founders of the DC8044 community, explained that the primary objective of hacking Russian entities is to acquire data useful to Ukrainian security forces.

"The personal data obtained by our groups is typically shared with security forces,” he said. “They aggregate and analyze this information to support their operations effectively.”

Hackers closely cooperate with Ukrainian intelligence services as well: they are engaged in reconnaissance, sabotage and information operations. Andrey Baranovich, co-founder of the Ukrainian CyberAlliance group said that “If we spend 24 hours hacking something, our victims should spend at least a week recovering, and in the optimal case, the victim should not recover at all.”

Hackers unanimously agree that known leaks are just the tip of the iceberg; in most cases, having gained access to data, hackers try not to reveal the information publicly so that the organization that has been hacked cannot respond. “Some databases to which hackers already have access are constantly being saturated with large amounts of new data, and spitting it out publicly means losing this access,” says BlackBird.

How susceptible is Russia to hacking?

Data breaches become public when hackers want to hurt an enemy or build a reputation for themselves. Of course, data is also sold for money - to spammers, scammers, and data aggregators. “We constantly sell and leak data,” says admits Michael Myers, a member of the UHG hacker group. “We mainly try to help our military personnel, but we also have to fund our technical operations.”

Obviously, all else being equal, the more people use the Internet, leaving their data there, the more data leaks will happen. Russia is among the world leaders in the use of the Internet, and the COVID-19 pandemic only increased this reliance.

The West's economic sanctions do not make matters easier for Moscow: many Western IT companies, whose anti-hacking solutions were previously purchased by Russian businesses — Cisco, IBM, Imperva, Fortinet, Norton, Avast — have limited or stopped their activities in Russia.

“If previously Russian companies could afford to use the largest, best known, most proven anti-hacking software, now they have to improvise,” notes one expert, who wished to remain anonymous.

“The fact that Russia is extremely dependent on Western technologies, which are now incredibly difficult to source in the absence of manufacturers, makes hacking Russia all the easier,” notes Baranovich from the Ukrainian Cyber Alliance.

photo of anonymous hacker with russian flag overlay

Cyber war continues on both sides.

Jernej Furman

How does Russia fight hackers?

In theory, Roskomnadzor, Russia's media and information technology agency, has the mandate to protect personal data. This is a otherwise a very active government body: it blocks opposition sites, enforces censorship in Russia, studies ways to disconnect Russian networks from the outside attacks, and even makes sure that Vladimir Putin is not called offensive names. Because of its breadth of tasks, there are simply no resources left to protect the personal data of Russians, and the law does not provide any real help in this regard.

“The entire fight against leaks today involves sending letters and simulating vigorous activity," notes the information security expert. "Some meager fines are applied only after a scandal arises in the media."

Personal data protection looks like this. Each operator of personal data — be it Russia's leading internet company Yandex or a regional pizza delivery service — must be included in the register of operators. Now there are almost one million companies like this. If a leak occurs, the company is obliged to notify Roskomnadzor, which typically launche an investigation and then, possibly, force the company to face administrative liability. The maximum fine under it is 100,000 rubles ($1,100).

Businesses are scared

The Ministry of Digital Development is now preparing a bill that it hopes can reduce the number of data breaches. It increases fines for companies whose data has been leaked. For the first breach - 3–15 million rubles ($33,000 - $170,000), for a repeat leak - 3% of the company’s annual turnover, but no less than 15 million rubles and no more than 500 million rubles ($5,500,000).

At the same time, the company will be able to reduce the fine if it is able to reach an agreement with the majority of victims, including people whose data was leaked, offering them compensation. This is supposed to be done through State Services.

Business is traditionally afraid that officials will use it not for good, but rather their own personal interests

Roskomnadzor has proposed introducing actual licensing of large personal data operators (more than a million records) with the same law. The proposal entails transitioning to a licensing system, where companies with more than one million data records would need to meet specific criteria. These criteria include hiring at least five individuals with higher education in information security, demonstrating the capability to pay major fines, and restricting data processing to within Russia. Subsequently, Roskomnadzor would conduct an assessment of the company's IT infrastructure to determine it sufficiently protected.

While all this sounds reasonable, business is traditionally afraid that, having received leverage in the form of large fines and licensing, officials will use it not for good, but rather their own personal interests — economic or otherwise.

“Such a law encourages officials to try to increase the number of fines rather than to stop leaks,” the cybersecurity expert concludes.

You've reached your limit of free articles.

To read the full story, start your free trial today.

Get unlimited access. Cancel anytime.

Exclusive coverage from the world's top sources, in English for the first time.

Insights from the widest range of perspectives, languages and countries.


AI And War: Inside The Pentagon's $1.8 Billion Bet On Artificial Intelligence

Putting the latest AI breakthroughs at the service of national security raises major practical and ethical questions for the Pentagon.

Photo of a drone on the tarmac during a military exercise near Vícenice, in the Czech Republic

Drone on the tarmac during a military exercise near Vícenice, in the Czech Republic

Sarah Scoles

Number 4 Hamilton Place is a be-columned building in central London, home to the Royal Aeronautical Society and four floors of event space. In May, the early 20th-century Edwardian townhouse hosted a decidedly more modern meeting: Defense officials, contractors, and academics from around the world gathered to discuss the future of military air and space technology.

Things soon went awry. At that conference, Tucker Hamilton, chief of AI test and operations for the United States Air Force, seemed to describe a disturbing simulation in which an AI-enabled drone had been tasked with taking down missile sites. But when a human operator started interfering with that objective, he said, the drone killed its operator, and cut the communications system.

Keep reading...Show less

The latest