Skip to main content

Rival hackers fighting proxy war over Crimea

By Jeffrey Carr, Special to CNN
updated 9:29 AM EDT, Tue March 25, 2014
STORY HIGHLIGHTS
  • The Ukraine-Russia crisis is playing out in cyberwarfare, says Jeffrey Carr
  • Hackers have been causing service interruptions and breaching databases, he says
  • Carr says the attacks have similarities to the resistance movement in WWII Europe
  • He says the most powerful nations cannot reliably defend their infrastructure from attacks

Editor's note: Jeffrey Carr is the author of "Inside Cyber Warfare: Mapping the Cyber Underworld" and the founder of Suits and Spooks, an international security conference. He regularly speaks at conferences and seminars and consults on security matters for multinational corporations. He has addressed the U.S. Army War College, Air Force Institute of Technology, Chief of Naval Operations Strategic Study Group, the Defense Intelligence Agency, the CIA's Open Source Center. The views expressed in this commentary are solely his.

(CNN) -- Hackers have been busy causing service interruptions, breaching databases, and defacing hundreds of Ukrainian and Russian websites, as the crisis between the two countries plays out in cyberwarfare.

The attacks have similarities to the resistance movement that sprung up among German-occupied countries during World War II, which took many forms including sabotage, espionage, armed confrontation and counter-propaganda.

In addition to that list, today we can add digital or web-based actions including Distributed Denial of Service (DDoS) attacks, which shut down key websites, the defacement of government websites, and breaching government or key industry networks to access sensitive documents and release them to the world.

Services like Twitter and Instagram may be used to capture events in real-time, and YouTube may be used for recruitment, training and propaganda purposes.

Today we see a 'super-resistance' composed of elite hackers, for whom cracking a secure network is certainly equal to and in some cases superior to that of a militarized cyberwarfare unit.
Jeffrey Carr

The global networks that enable the incredible global communication and information-sharing applications we have all come to enjoy, all use insecure hardware and software. Just like there's no human cell that is immune to every virus, there's no piece of software that is immune from being exploited.

As a result, the most powerful nations in the world today cannot reliably defend their own information and communications infrastructure from targeted attacks, by even a single hacker.

To make matters worse, many of today's best hackers aren't employed by their respective governments.

While the resistance movement of World War II had fewer skills to bring to combat than members of the armed forces, today we see a "super-resistance" composed of elite hackers, for whom cracking a secure network is certainly equal to and in some cases superior to that of a militarized cyberwarfare unit.

OpRussia

Shortly after police cracked down on "Euromaidan" street protesters, who were calling for closer integration with the EU, in Kiev in November last year, Ukrainian security engineers began discussing the necessity of forming an all-volunteer cyberdefense force. By March 1, 2014, cyberattacks on both sides kicked into high gear.

OpRussia, a hacker group formed under the Anonymous umbrella, posted a warning to Russian President Putin that his aggression against Ukraine would not stand on March 1, 2014.

Since then, members of OpRussia have been attacking Russian business and government websites on a daily basis, including the website for the Russian Air Force, the website of the Kamchatka region, Russia's narcotics control service, and even a Russian escort service.

Russian CyberCommand is another group of hackers, some of whom are Russian, who oppose Putin's annexation of Crimea and have been relentless in their attacks against Russian businesses and agencies such as Rosoboronexport -- Russia's sole agency authorized to sell defense and dual-use products and technologies to foreign entities -- and SearchInform.ru -- a Russian IT security company that provides services to Gazprom, Skolkovo, and other important organizations.

Like OpRussia, Russian CyberCommand considers itself part of Anonymous.

Anonymous

While the name Anonymous is frequently associated with cyberoperations that support revolutionary movements, that wasn't the case with these next two groups: Anonymous Ukraine and CyberBerkut, both of whom are Pro-Russia groups.

Anonymous Ukraine attacked NATO websites on November 7 when Ukraine was considering establishing closer ties with the EU as well as NATO membership.

On March 15, CyberBerkut attacked NATO websites again, however those attacks were a small percentage of CyberBerkut's onslaught against several hundred Ukrainian government and commercial websites from March 3 up until the present.

The group's logo and name come directly from Ukraine's old special police unit "Berkut" and there are rumors that the group is composed of either Ukrainian or Russian former security services personnel.

As of March 18, Ukrainian Prime Minister Arseniy Yatsenyuk said that Ukraine would not be seeking NATO membership, a move designed to placate Russia as well as Ukraine's large Russian-speaking population.

Yatsenyuk also announced a willingness to maintain political ties with the EU but will delay signing any economic agreements for the time being.

'Russian Cyber Playbook'

Some Western pundits have drawn similarities between the current cyberattacks and those that happened during previous conflicts.

'Hacktivism' on the rise in the Mideast
John McAfee: "America has lost its way"
Is Iran behind new cyber war threats?
How cybersecurity issues affect us all

Most of the Georgian government's communications systems were shut down by Russian hackers during the conflict there in 2008. But in fact there's very little similarity, and no actual evidence linking the Russian government to the current wave of cyberattacks against Ukrainian websites.

This is not a page out of the "Russian Cyber Playbook" for several reasons:

Firstly, the Nashi, a government-financed Russian youth organization that was responsible for the attacks against Estonia in 2007 and Georgia in 2008 is no more.

And secondly, in 2008, Russian hacker forums were actively recruiting volunteers for attacks against Georgia. Not so today. In fact, many Russian hackers are angry with Putin and are supporting an independent Ukraine.

Time has not stood still since August 2008. In 2010, Russia published a new military doctrine which acknowledged the "intensification of the role of information warfare" and assigned as a task to "develop forces and resources for information warfare."

Russia and most other nations have been investing hundreds of millions of dollars to improve their capabilities to conduct electronic warfare, information warfare, and cyber warfare via increasingly sophisticated means; and by that I mean techniques that include compromising a nation's electrical grid or GPS navigation system from the canopy of a combat helicopter.

Russia, in particular, has spent the last few years developing dual-use technologies that will never be seen or defended against by its target -- for example, malware research that could be used to both defend against malware in peace time and use malware offensively as part of a military operation.

But there will always be highly-skilled civilians who can quickly organize online, distribute easy-to-use denial of service tools, and cause mayhem and embarrassment to the enemy, whoever he may be.

Read more: Cyberwar hits Ukraine

Read more: The gathering cyberstorm

Read more: Cyber arms control? Forget about it

The views expressed in this commentary are solely those of Jeffrey Carr.

ADVERTISEMENT
Part of complete coverage on
updated 3:51 AM EDT, Fri October 3, 2014
Reza Sayah looks into why thousands of Ukrainians have left their old lives to volunteer to fight.
updated 4:48 PM EDT, Tue October 14, 2014
CNN's Ralitsa Vassileva speaks to The New Republic's Linda Kinstler about Putin's motives with Ukraine and China.
updated 10:36 AM EDT, Wed September 24, 2014
President Barack Obama speaks at the 69th session of the United Nations General Assembly.
updated 8:58 AM EDT, Tue September 9, 2014
Malaysia Airlines Flight 17 broke apart in the air after it was hit by a burst of "high-energy objects" from outside, a preliminary report by Dutch aviation investigators said Tuesday.
updated 7:34 AM EDT, Tue September 9, 2014
"There were many scenes that defied logic," writes OSCE spokesman Michael Bociurkiw, who was one of the first international observers to arrive at the site.
updated 12:11 PM EDT, Wed September 3, 2014
On a country road in eastern Ukraine, a scene of bucolic tranquility was suddenly interrupted by the aftermath of carnage.
updated 4:19 PM EDT, Tue September 2, 2014
In the city of Donetsk, the devastation wrought by weeks of fighting between pro-Russia rebels and Ukrainian forces is all too apparent.
updated 8:00 PM EDT, Sun August 31, 2014
CNN's Diana Magnay reports from the front lines in the Ukrainian conflict.
updated 7:26 AM EDT, Mon September 1, 2014
A few miles south of the town of Starobeshevo in eastern Ukraine, a group of men in uniform is slumped under a tree.
updated 9:43 AM EDT, Sat August 23, 2014
A shopkeeper's mutilated body, relatives' anguish, homes destroyed ... this is Donetsk.
updated 7:12 AM EDT, Tue August 19, 2014
A 20-minute drive from Kiev takes you to a neighborhood that feels more like Beverly Hills than central Ukraine.
updated 9:12 AM EST, Thu November 20, 2014
Photos illustrate the ongoing crisis in Ukraine as fighting continues to flare in the region.
updated 12:31 PM EDT, Thu July 31, 2014
Future imports, exports between the EU and Russia are now banned -- but existing contracts continue.
updated 11:40 AM EDT, Sun July 20, 2014
Some contend that larger weapons have come into Ukraine from Russia.
Learn more about the victims, ongoing investigation and the Russia-Ukraine conflict.
updated 5:25 AM EDT, Wed July 23, 2014
The downing Malaysia Airlines Flight 17 put the pro-Russia rebels operating in Ukraine's eastern region center stage.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT