Ukraine’s IT hacker army requires a non-technical solution to scale
Cyber-attacks have become a regular part of Ukraine’s resistance against Russian aggression. This can be seen in the activities of the country’s volunteer IT Army, which continues to call for volunteers to lend their support to attacks against the Kremlin’s online presence.
July 19, 2024 - David Kirichenko - Articles and Commentary
Over two years have passed since Russia’s full-scale invasion of Ukraine, and the volunteer IT Army of Ukraine is more effective than ever. On June 20th 2024, the hacker group launched what they claimed to be the “largest DDoS attack in history” against Russia’s banking system, crippling numerous banks and causing widespread disruption. The group has emerged as a critical player in a new kind of hybrid warfare that spans both the physical battlefield and cyberspace. However, to continue scaling its impact, creative marketing is needed to enlist more ordinary citizens worldwide.
In March 2024, Dmitry Gribkov, an aide to the Russian Security Council, threatened western officials, stating that by supporting the IT Army they are opening Pandora’s box, which would backfire against its “masters”.
Gribkov went on to say that “Hacking experts are being trained in Ukraine and the Baltic states to carry out computer attacks on Russia’s information infrastructure.” He further highlighted that Ukrainian officials are not shy about involvement in “mass cyber-attacks on Russian information infrastructure facilities”. Ukraine’s volunteer hacker army is not just some obscure cyber group in the background; it is actively thought about in the minds of the Kremlin elite.
The IT Army has undergone a significant evolution since the Russian invasion began in 2022. Formed in response to a digital call to arms by Ukraine’s Minister of Digital Transformation, Mykhailo Fedorov, the IT Army has democratized Distributed Denial of Service (DDoS) attacks against its adversary.
At its peak in 2022, the group had several hundred thousand members. However, according to the IT Army’s spokesperson, who goes by the nickname “Ted”, many subscribers to Ukrainian channels unsubscribed as the war progressed, leaving dedicated volunteers to continue the efforts.
DDoS attacks, the IT Army’s primary tactic, involve coordinating numerous computers to bombard a specific network or website with excessive requests, overwhelming and ultimately crippling the target.
In the first two years of the war, the IT Army focused on inflicting economic damage on Russia, viewing their cyber-attacks as a new form of sanctions. Although exact figures are difficult to determine, Ukraine’s hacker army estimates that their actions have caused over one billion US dollars in economic damage.
The IT Army’s campaign has significantly disrupted Russian Internet providers, with reports of 40 per cent resource disruption at one point. The Russian news site Kommersant wrote that “The number of DDoS attacks on Russian companies doubled year on year in the first quarter. Mostly companies from critical industries… Roskomnadzor speaks of repelling almost three times more attacks in the first quarter alone than in the whole of 2023.”
The St. Petersburg International Economic Forum, hosted by the Russian Federation in June 2024, experienced a significant surge in DDoS attacks. Russian media reported that the number of DDoS attacks on the forum’s online portals more than doubled compared to 2023, aiming to disrupt its digital resources. The IT Army’s Telegram channel commented on the attacks, noting that “There wasn’t a big explosion, but we sure rattled their nerves.”
Gazeta.Ru reported in April 2024 that almost half of the companies in the top 100 by revenue in Russia do not have “professional protection” against Layer 7 DDoS attacks. Russian media also reported in May 2024 that the number of DDoS attacks on the Russian energy industry has increased tenfold over the past year.
In response to Russia attacking Ukraine and opening a new front in Kharkiv in May, the Ukrainian IT Army announced on their Telegram channel, “We are currently working on important targets related to events at our border in the Kharkiv region. We are trying to disrupt the enemy’s communications. We need more power! Activate everything!”
The IT Army pointed out that their attacks on electricity transportation also connect to the battlefield, because electricity supply is both a vital resource for Russia’s military and a vulnerability.
Ukrainian intelligence services coordinated with the IT Army to support cyber-attacks in conjunction with Ukraine’s drone strikes inside Russia. During these operations, as Ukrainian drones targeted Russian oil refineries, the IT Army launched DDoS attacks to disable CCTV cameras in Russia, reducing visibility and hindering the tracking of drone movements.
However, the effectiveness of DDoS attacks is proportional to an attack’s scale. The more devices powering an attack, the more effective the impact. Speaking about how to address performance capacity, Ted noted, “We need to increase the number of volunteers that we have dedicating hardware capacity to the IT Army.”
Recruiting on traditional social media is a dead end for the IT Army. Ted pointed out that social networks like X (formerly known as Twitter) and Facebook simply ban anyone who advertises cyber-attacks. For now, the IT Army continues to engage with marketing firms to figure out how to improve their reach.
Amid a full-scale cyber war between Russia and Ukraine, the IT Army is working on scaling a decentralized hacker army through non-technical means. The solution is to convince the average person with internet access that they are capable of conducting cyber-attacks against the enemy from anywhere, and by doing so that they can join Ukraine’s cyber defence.
Despite remaining largely unnoticed by western media, the IT Army of Ukraine is pioneering the first large-scale, decentralized cyber warfare campaign against their adversaries.
David Kirichenko is a freelance journalist and an Associate Research Fellow at the Henry Jackson Society. He can be found on X @DVKirichenko.
Please support New Eastern Europe's crowdfunding campaign. Donate by clicking on the button below.