How is Anonymous attacking Russia? Top six ways ranked
Members of the loosely connected collective known as Anonymous are known for wearing Guy Fawkes masks in public.
Jakub Porzycki | Nurphoto | beautiful pictures
The continued efforts of underground attackers known as Anonymous are “embarrassing” Russia and its cybersecurity technology.
That’s according to Jeremiah Fowler, co-founder of cybersecurity firm Security Discovery, who has been following the hacker collective ever since. it declared a “cyber war” with Russia for invading Ukraine.
“Anonymous has made Russia’s government and civilian cyber defenses weak,” he told CNBC. “This group has shed light on Russia’s cyber capabilities and succeeded in shaming Russian companies, government agencies, energy companies and others.”
“This country may be the ‘Iron Curtain’, but given the scale of these attacks by the army of cyber hackers, it seems like a ‘paper curtain’,” he said.
The Russian embassies in Singapore and London did not immediately respond to CNBC’s request for comment.
Anonymous Claims Rating’
Fowler, who has summarized many of the group’s claims against Russia, said: the report is published on friday.
CNBC has grouped Anonymous statements into six categories, which Fowler helped rank in order of efficiency:
1. Attack on the database
- Posted leaks about members of the Russian military, the Central Bank of Russia, the Roscosmos space agency, oil and gas companies (Gazregion, Gazprom, Technotec), Sawatzky asset management company, VGTRK TV station , IT company NPO VS, law firms and more
- Definition and removal of hacked files
Anonymous has claimed to have hacked more than 2,500 Russian and Belarusian websites, Fowler said. In some cases, stolen data was leaked OnlineWith such a large number, he said, it would take years to review.
“The biggest development will be the large number of recordings taken, encrypted or stored online,” said Fowler.
Jeremiah Fowler said the amount of information deleted is harder to determine. “We may never know how many records were actually wiped out or destroyed.”
Pashaignatov | Istock | beautiful pictures
Shmuel Gihon, a security researcher at threat intelligence firm Cyberint, agreed that the amount of leaked data was “massive”.
“We don’t even know what to do with all this information right now, because it’s something we didn’t expect to have in such a short amount of time,” he said.
2. Target companies continuing to do business in Russia
At the end of March, a Twitter account called @YourAnonTV began posting logos of companies believed to be still doing business in Russia, with one post giving an ultimatum to withdraw from Russia in 48 hours “or else.” You will be in our sights.”
By targeting these companies, hacktivists are increasing their financial stakes to continue operating in Russia.
“By tracking their data or causing disruption to their business, [companies] Fowler said.
3. Block websites
Distributed Denial of Service (DDoS) attacks work by flooding a website with enough traffic to take it offline. A basic way to combat them is to “geo-block” foreign IP addresses. By breaking into Russian servers, Anonymous was deliberately circumventing those defense mechanisms, Fowler said.
“Owners of hacked servers often don’t know their resources are being used to launch attacks on other servers. [and] website,” he said.
Contrary to popular opinion, DDoS attacks are not just minor inconveniences, Fowler said.
“During the attack, critical applications were unavailable [and] “There is a financial and operational impact when the services that the government and the public rely on are not available,” he said. ”
4. Train rookies
- Train people how to launch DDoS attacks and hide their identities
- Providing cybersecurity support to Ukraine
Fowler says training new recruits allows Anonymous to expand its reach, brand and capabilities.
People want to get involved, but don’t know how, he said. Anonymous has filled the void by training low-level actors to do basic tasks, he said.
This allows skilled hackers to perform more advanced attacks, such as those of NB65, an attack group affiliated with Anonymous. announced this month on Twitter used “Russian ransomware” to control the domain, email servers and workstations of a manufacturing plant run by Russian power company Leningradsky Metallichesky Zavod.
LMZ did not immediately respond to CNBC’s request for comment.
“Just like in sports,” said Fowler, “the pros get the World Cup and the amateurs get the smaller pitches, but everybody plays.”
5. Hijacking media and streaming services
- Show censored images and messages on TV showssuch as Russia-24, Channel One, Moscow 24, Wink and Ivi
- Attacks increase on national holidays, including attacks on Russian video platform RuTube and smart TV channel listings on Russia’s “Victory Day” (May 9) and related agency Russian real estate state Rosreestr on Ukraine’s “Constitution Day” (June 28)
The website for Rosreestr has been down as of today’s publication date. Jeremiah Fowler said it was most likely taken offline by Russia to protect internal data after it was hacked. “Russian journalists often use data from Rosreestr to track the luxury assets of officials.”
The tactic was aimed directly at undermining Russian censorship of the war, but Fowler said the messages only resonated with “those who wanted to hear it.”
Those Russian citizens may have used VPNs to bypass Russian censors; others have been jailed or are choosing to leave Russia.
Among those leaving Russia are “uber-rich” – some of whom are departing for Dubai – together with professionals working in the fields of journalism, technology, legal and consulting.
6. Direct access to Russians
- Hack into printers and change grocery store receipts to print anti-war and pro-Ukrainian messages
- Send millions of calls, emails and text messages to Russian citizens
- Send messages to users on the Russian social networking site VK
Of all the strategies, “this one is considered the most innovative,” says Fowler, although he believes these efforts are falling.
Fowler said his research to date has not found any reason to doubt Anonymous’ claims.
How effective is Anonymous?
“The methods Anonymous has used against Russia are not only groundbreaking and highly effective, but they also rewrite the rules of how to wage a modern cyberwar with its resources,” said Fowler. community”.
Information gathered from database breaches can reveal criminal activity as well as “who pulled the strings and where the money went,” he said.
However, most of the information is in Russian, Mr. Gihon said. He said cyber professionals, governments, hackers and everyday enthusiasts will likely look at the data, but it won’t be as much as people think.
Fowler said that while Anonymous has received public support for its anti-Russian efforts, “law enforcement and the cybersecurity community have never been interested in hacking or hacktivism.”
Bill Hinton | Moment Mobile | beautiful pictures
Gihon also said he does not believe there is a possibility of criminal prosecution.
“A lot of the people they have violated are sponsored by the Russian government,” he said. “I don’t know how soon these people will be caught.”
However, the leaks are related, Gihon said.
Fowler echoed that point, saying that once a network is compromised, systems can “fall like dominoes.”
Hackers also regularly circumvent each other’s leaks, a situation Gihon calls “bread and butter” in the way they work.
“This could be the start of big campaigns later on,” he said.
Fowler and Gihon agree that the immediate result of the hacks is that Russia’s cybersecurity defenses have been revealed to be much weaker than previously thought. However, Gihon added that Russia’s cyber capabilities are very strong.
“We expect to see more strength from the Russian government, at least when it comes to their strategic assets, such as banks and TV channels, and especially the Government agencies”.
Anonymous has lifted the veil over Russia’s cyber security operations, Fowler said, to the Kremlin’s “shame and dismay”.