A third front has appeared in the prolonged Russian-Ukrainian confrontation long ago. It is neither a traditional war, like that being fought in Horlivka or Pisky now, nor an information war using fake stories, like that of the “crucified boy from Sloviansk.” It is a cyberwar, waged on the Internet. This kind of aggression is targeting primarily computer systems and Internet access capabilities of businesses and government organizations.
Ukraine’s cyberfrontlines are manned by volunteers from the “Ukrainian Cybertroops” (UCT) NGO. Having been active for over half a year, its members have around 20 operations credited to them, and some of these are continuing. In particular, these operations include the “Revenge” (blocking Russian and separatist websites, with over 60 already put offline) and the “Troll Hunt” (blocking accounts, pages, and groups of terrorists and trolls on social networks).
One of their most recent operations has involved seizing control of routers in Russia, letting the organization disable these devices and leave residents of Crimea and Russia without Internet access. The UCT have recently seized control of a separatist server in Crimea and posted some data from it online.
The UCT members also hack email addresses, particularly those of Russian statespeople, and close accounts, websites, and other resources belonging to terrorists by lodging complaints with electronic payment systems, domain and hosting providers. The cybersoldiers have already blocked almost 160 terrorist accounts holding up to 2,000,000 dollars.
Moreover, the UCT create unauthorized connections to network printers in the temporarily occupied territories of Crimea and the Donbas and print out “Glory to Ukraine!” or that popular Putin-themed chant created by Kharkiv soccer fans. Connections to network cameras in Luhansk and Donetsk regions, including Mariupol, have allowed the cybersoldiers to monitor the situation online. The UCT transfer all information they collect to official investigating bodies, including the Security Service of Ukraine (SBU).
The idea to create the UCT originated with Kyiv-based web security specialist, programmer, Candidate of Computer Science Yevhen Dokukin.
By the way, he created the first Ukrainian-language Internet security website websecurity.com.ua back in 2006, which releases news about vulnerable websites, articles about web security (some of them authored by Dokukin himself), and useful tools and programs for protecting Internet programs and websites.
We offer below the record of our conversation with Dokukin about the origin story of Ukraine’s cybertroops and the place we occupy on the world web security map.
ON THE UCT’S CHIEF OBJECTIVE
“It was reported in the Russian media a few years ago that the Ministry of Defense (they did not mention the FSB at all, by the way) would create cyberwarfare units, following the West’s example. These days, the Russian media just show privates sitting at computers and clicking on keyboards.
“Clearly, the FSB has similar units at its disposal as well, and they are highly advanced. For example, they include now various hacker groups that attack Ukrainian government websites, like the CyberBerkut, which positions itself as a patriotic group and disables government websites. Even the Anonymous do not conduct cyberwarfare against states.
“Ukraine has no official cybertroops, and so I have created the UCT to show that it can be done here. Moreover, such an organization works quite effectively, even without any government or private sponsorship. The UCT fighters pay for their own expenses, and the national leadership is welcome to borrow our model, or develop one of their own from scratch.
“In addition, we conduct free audits of government websites and servers in Ukraine and Russia. For example, a penetration test ordinarily costs a ton of money, but we reveal the website’s security issues for free.”
ON VULNERABILITIES OF GOVERNMENT WEB PORTALS
“We have very few people caring about web security, as only one percent or so of companies sometimes carry out audits of their websites. Even then, if a company has 10 web resources, they analyze security only for one of them. However, this is an inefficient approach.
“By the way, I regularly publish statistics on how many security holes government bodies’ websites have, and not only those in Ukraine. I have analyzed hundreds of websites, and usually no one even thanks me, even though they sometimes correct their mistakes.
“I wrote about issues with the websites of the Cabinet of Ministers and the Verkhovna Rada to no end, and found security holes on the presidential website as well. I did the latter after the adoption of the so-called draconian laws on January 16, 2014, and the SBU responded by closing two domains of mine on January 22, 2014.
“It is surprising that even banks do not carry out security audits. After all, they work with money all the time. Web security funding usually comes last for any financial business and almost any company. Owners prefer investing in anything but security.
“They do so even though VISA can easily block a bank’s transactions for this reason (that is, if a website, that must meet Payment Card Industry Data Security Standard’s requirements, is vulnerable). Blocking one bank will be enough to get the rest to start working on security at once. However, VISA does not do it, I think because it is not serious about the issue either. After all, when the payment system has security problems itself, it is unlikely to put any demands on Ukrainian banks.
“Another vulnerability was revealed on January 16, 2015, when I used a security hole known since 2013 to post on the National Bank of Ukraine (NBU)’s website an appeal to the president asking him to dismiss Hontareva as the chairperson of the bank. We also posted a story recorded by a TV channel back in September 2008, featuring me saying that I had found security holes on the NBU’s website in early May 2008, but they kept ignoring this information. They plugged these holes (or rather some of them, as it turned out later on) only after the story was aired, that is, with a six-month delay.
“More generally, I have discovered thousands of vulnerabilities on government websites and reported them to administrators for free since 2006.”
ON UKRAINE’S PLACE ON THE WORLD WEB SECURITY MAP
“Ukraine is now fighting no one except Russia in the online space, even though we lag behind regarding protection of our own Internet resources, and moreover, we lag behind not just Western countries, but Russia as well. The reason for this is the fact that the government has economized on security ever since independence.
“In order to improve our position, we need to invest heavily in this field, to raise the security level of our Internet resources. This applies to public and private sectors in equal measure, because everyone needs to make their websites and other Internet resources more secure.”
