According to Reuters, the Ukrainian government asked for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops. Yegor Aushev, the co-founder of a Ukrainian cybersecurity firm Hacken,[7] wrote, "Ukrainian cybercommunity! It's time to get involved in the cyber defense of our country," asking hackers and cybersecurity experts to submit an application listing their specialties, such as malware development and professional references.[8]
Aims
The volunteers who joined the group are divided into offensive and defensive cyber units. While the offensive volunteer unit would help Ukraine's military conduct digital espionage operations against invading Russian forces, the defensive unit would be employed to defend infrastructure such as power plants and water systems.[1]
The Ukrainian government used Twitter and Telegram to share a list of Russian and Belarusian targets for the army to attack.[9] Russian ransomware operators responded by offering their assistance to counter the Ukrainian effort.[10]
Activities
Fedorov requested the assistance of cyber specialists and tweeted a Telegram with a list of 31 websites of Russian business and state organizations.[11][12][5]
On 28 February 2022, the IT Army hacked the website of the Moscow Stock Exchange. The IT Army posted that it had taken them only five minutes to render the website inaccessible.[13][14][15]
On the same day, the IT Army hacked the website of Sberbank, the largest bank in Russia. The IT Army had also launched attacks on other Russian and Belarusian sites, including the government websites of Russia and Belarus, the FSB and the Belarusian state news agency BelTA, among others.[12][16]
According to Reuters, the group targets Russian power grids and railways to prevent Russian infrastructure from reaching Ukraine.[2] This included technologies such as GLONASS.[2]
Eight hundred Russian websites, including Roscosmos, were attacked by the IT Army, from June 27 to July 10. They posted congratulatory messages to Ukrainian Constitution Day on those websites. Besides that, distributed denial of service attacks carried out by the IT army has crippled Russian ability to work on some CRM systems for extended periods.[17]
In September 2022 the group had reportedly collaborated with Anonymous to commit cyberattack against Yandex Taxi's systems, causing a traffic jam in Moscow.[19]
The group claimed to have hacked the website of Wagner group and stolen its personal data. On the defaced website, photos of dead soldiers were shown.[20]