U.S. cybersecurity experts have summarized six ways in which the hacker organization “Anonymous” carried out cyberattacks on Russia , and commented on the effects of their attacks.
The Anonymous cyber attacks on Russia are mainly divided into six categories: first, intrusion into databases, publishing information on attacked entities or persons, or tampering with and deleting hacked files; second, attacking companies that continue to operate in Russia, including blocking websites , leaking company data, etc., thereby increasing the financial risk of the company continuing to operate in Russia; third, through distributed denial of service attacks to paralyze the website, causing key applications to be unusable or even stop operation and production; fourth, training low-level personnel to carry out basic mission to allow skilled hackers to launch more advanced attacks while providing cybersecurity assistance to Ukraine; fifth, hijacking media and streaming services to publish censored images and messages; and sixth, direct propaganda against Russian personnel, including hacking printers to Print anti-war and pro-Ukrainian messages, send messages to users of Russian social networking site VK, make phone calls, send emails and text messages, and more.
Cybersecurity experts say the ongoing activities of Anonymous have uncovered the “mystery” of Russia’s cybersecurity capabilities, putting the Russian government and its cybersecurity technology in an “embarrassment” position; It also rewrites the rules of how to crowdsource modern cyber-warfare; the massive amount of information leaked by Anonymous could prompt more network penetration, causing the system to “fall like dominoes.”
The Qi’an Internet Intelligence Bureau has compiled the relevant information for readers’ reference.
The ongoing activities of the hacker group Anonymous are putting Russia and its cybersecurity technology in an “embarrassment” situation.
Jeremiah Fowler, co-founder of US cybersecurity firm Security Discovery, said he has been following the hacking group Anonymous since it declared a “cyber war” against Russia.
“Anonymous makes Russia’s government and civilian cyber defenses vulnerable,” Fowler said. “The group has demystified Russia’s cyber capabilities and has successfully embarrassed Russian companies, government agencies, energy companies and others.” “This country may be the ‘Iron Curtain,’ but at the scale of the hacking army’s online attacks, it seems more like a ‘paper curtain,'” Fowler said.
“Anonymous” Claims Category Ranking
Fowler said Anonymous and its affiliates have not lost momentum despite the missile strikes grabbing headlines in recent days. Fowler summarizes the group’s many claims against Russia and divides them into six categories in order of effectiveness:
1. Invasion of the database
- Release of leaked information about members of the Russian military, the Central Bank of Russia, Roscosmos, oil and gas companies (Gazregion, Gazprom, Technotec), property management company Sawatzky, broadcaster VGTRK, IT company NPO VS, law firms, etc.
- Tampering and deleting of hacked files
Fowler said Anonymous claimed to have hacked more than 2,500 Russian and Belarusian websites. In some cases, the stolen data was leaked online in volumes so large that it took years to review, he said. “The biggest development will be the vast amount of records that are captured, encrypted or leaked online,” Fowler said.
Shmur Tikhun, a security researcher at threat intelligence firm Cyberint, also believes the amount of data leaked is “huge.” “We don’t even know what to do with all this information at the moment because we didn’t expect to get it in such a short period of time,” he said.
2. Attacks on companies that continue to do business in Russia
- Block websites of companies identified as continuing to do business in Russia
- Leaked 10GB of emails, passwords and other data belonging to Swiss food company Nestle. Nestlé said the claims were “unsubstantiated”.
In late March, a Twitter account called @YourAnonTV began posting the logos of companies it said were still doing business in Russia, with one post issuing an ultimatum to withdraw from Russia within 48 hours and threatening “or you will become Our target.”
By attacking these companies, hacker activists are increasing the financial risk of continuing to operate in Russia. “By tracking their data or disrupting their business, companies are at risk for much more than lost sales and some negative PR,” Fowler said.
3. Block websites
- Block Russian and Belarusian websites
- Internet outages at the St. Petersburg International Economic Forum delayed Russian President Vladimir Putin’s keynote speech by about 100 minutes
A distributed denial of service (DDoS) attack works by flooding a website with enough traffic to take it offline. A basic defense against such attacks is “geolocation blocking” of foreign IP addresses. By hacking Russian servers, Anonymous allegedly bypassed these defenses, Fowler said.
Contrary to popular belief, DDoS attacks are more than just minor inconveniences, says Fowler, “the owners of hacked servers are often unaware that their resources are being used to launch attacks on other servers and websites.” “During an attack, critical applications become unavailable and operations and production cease entirely. When services that governments and the public depend on become unavailable, there are financial and operational implications,” he said.
4. Training newcomers
- Train people how to launch DDoS attacks and mask their identities
- Cybersecurity assistance to Ukraine
Fowler said training new members allows Anonymous to expand its reach, brand name and capabilities. People want to get involved but don’t know how, and Anonymous fills that void by training lower-level actors to do basic tasks, he said.
This allows skilled hackers to launch more advanced attacks, such as those of the NB65. NB65, a hacking group affiliated with Anonymous, claimed on Twitter in July that it used “Russian ransomware” to take control of the domain, email servers, and workstations of a manufacturing plant operated by Russian power company Leningradsky Metallichesky Zavod.
“It’s like in sports where the pros go to the World Cup and the amateurs go to smaller venues, but everyone plays,” Fowler said.
5. Hijacking media and streaming services
● Display of censored images and messages on TV broadcasts such as Russia 24, Channel 1, Moscow 24, Wink and Ivi
● Attacks targeting national holidays intensified, including the hacking of Russian video platform RuTube and smart TV channel listings on Russia’s “Victory Day” (May 9) and the Russian real estate federal agency Rosreestr on Ukraine’s “Constitution Day” (June 28)
The tactic was designed to directly undermine Russian censorship of the war, but Fowler said the messages would only resonate with “those who want to hear it.” Those Russian citizens may already be using VPNs to bypass Russian censorship; others have been imprisoned or have chosen to leave Russia.
6. Direct contact with Russians
- Hacked printers and altered grocery receipts to print anti-war and pro-Ukrainian messages
- Send millions of calls, emails and texts to Russian citizens
- Send messages to users on the Russian social networking site VK
Of all the strategies, “this one is the most creative,” Fowler said, but those campaigns are winding down. Fowler said that so far, his research has not found any reason to doubt Anonymous’ claims.
How effective is “Anonymous”?
“The methods used by Anonymous against Russia are not only highly disruptive and effective but also rewrite the rules of how crowdsourced modern cyber warfare is conducted,” Fowler said. He said information gleaned from the database leak could reveal Criminal activity and “who is matching and where the money is going”.
However, security researcher Shmur Tikhon said most of the information is in Russian, and cyber experts, governments, hacker activists and everyday enthusiasts may scrutinize the data, but not as much as one might think.
Tijon also said he did not think criminal proceedings were likely. “A lot of the people who were hacked were sponsored by the Russian government, and I don’t think these people will be arrested any time soon,” he said. However, Tikhon said the leaks did go hand in hand.
Fowler echoed that sentiment, saying that once the network was infiltrated, the system would “fall like dominoes.” Hackers also often rely on other people’s leaks, a situation that Tikhon calls “a means of making a living” for the way they work. “This could be the start of a massive campaign that will come later,” he said.
A more immediate consequence of the hacking, Fowler and Tihon agreed, is that Russia’s cybersecurity defenses have been revealed to be far weaker than previously thought. However, Tikhon added that Russia’s offensive cyber capabilities are strong. “We expect the Russian government to show greater strength, at least in terms of their strategic assets such as banks and TV channels, especially government entities,” Tikhon said.
Fowler said that “Anonymous” lifted the veil on Russia’s cybersecurity practices, which “embarrassed and frustrated the Kremlin.”