Ukraine is recruiting a volunteer “IT army” of security researchers and hackers to conduct cyberattacks on thirty-one Russian entities, including government agencies, critical infrastructure, and banks.
Saturday afternoon, Ukraine’s Minister for Digital Transformation Mykhaylo Fedorov announced that they need volunteer “digital talents” for an “IT Army” to conduct operational tasks against Russia on the cyber frontline.
Soon after, a Telegram channel created to organize the IT Army’s operations released a list of Russian targets.
This list includes 31 targets, including Russian government agencies, government IP addresses, government storage devices and mail servers, three banks, large corporations supporting critical infrastructure, and even the popular Russian search engine and email portal, Yandex.
The IT Army came soon after the Defense Ministry began recruiting Ukraine’s underground hacker community to assist in cyberattacks against Russia.
This call to action was published through Yegor Aushev, the founder of Cyber Unit Technologies, who shared an application form on Facebook.
Aushev claims that hackers worldwide have signed up to help Ukraine, even those from Russia.
The recruitment of volunteer hackers and security researchers appears to be having some effect on targeted sites.
Today, the Kremlin, State Duma, and Ministry of Defense websites were offline in what appears to be distributed denial of service attacks,
Should you join the IT Army?
While watching the images of Russia invading Ukraine unfold on TV or social media, you may be tempted to join the “IT army” and conduct cyberattacks against Russian entities.
However, it is important to remember that performing denial of service attacks, breaching networks and computers, and defacing websites is still illegal in most countries, regardless of the target.
Furthermore, as explained by Robert Lee, CEO of cybersecurity firm Dragos, many hands targeting the same entity could compromise legitimate law enforcement and government operations, and activities of cybersecurity companies who have legal agreements with the US government.
Anyone not working on behalf of a government having serious conversations about “hacking back” or launching cyber attacks against Russia please understand – respectfully – you’re an idiot and only going to make matters worse.
— Robert M. Lee (@RobertMLee) February 25, 2022
While aiding Ukraine may turn a blind eye to cyber activities targeting Russian entities, it is very important to think about the legal ramifications of conducting attacks before doing so.