15 September 2022

Ukraine is fighting both a physical and cyber war against Russia

MICHEL MARTIN

Today, Ukrainian forces entered a key transportation and supply hub for the Russian military, a move even Russia's defense ministry confirmed. It follows a rapid advance by Ukrainian forces to retake ground in the northeastern part of the country. It could signal an important turning point in this six-month-old conflict, where Ukraine has been forced to defend itself against both conventional warfare and a more recent phenomenon, cyberattack. That's where we turn now.

Since shortly after the war began, Ukrainian leaders in Kyiv made an unusual ask. They called on IT professionals in Ukraine and around the world to help defend the nation against cyberattacks. IT professionals went to their keyboards to help. And in the six months since the invasion, Ukraine and its international allies have become more organized, more focused and more determined than ever to keep Russian hackers on the back foot. Dina Temple-Raston is the host and executive producer of the "Click Here" podcast. She's been talking to members of the IT Army of Ukraine, and she's with us now to tell us more about how things have developed. Welcome back. Thanks so much for joining us, Dina.

DINA TEMPLE-RASTON: You're welcome.

MARTIN: So you've spoke with one of the people who is an administrator of the group. How has the IT army changed since the start of the war?

TEMPLE-RASTON: So they have all these Telegram channels, which are basically ways to chat with people in an encrypted way. So you can't tell who they are. And hundreds of thousands of people are on these Telegram channels. And in the beginning, they had these problems with hackers essentially stepping on each other's toes. So all these people are trying to help, right? And then they have someone who may be a higher-level hacker hacking into a transportation network in Russia. And then all these sort of lower-level hackers would suddenly launch what's called a denial of service attack, which basically sort of takes down a server. And then that would undo everything that the upper hacker was trying to do. So when we talked to the IT administrator, he told us that that was much less of a problem. And I think we have some tape about that.

UNIDENTIFIED IT ADMINISTRATOR: You know, we became some sort of IT company with management, with higher people, lower people, if I can say so. We all know our responsibilities, our tasks.

TEMPLE-RASTON: And he said that this big team of professionals was probably about 25 people who basically make most of the targeting decisions on what the army is going to look to try and hack in Russia. And basically, what happens is ideas for hacks happen down below and then they get pushed up the chain to these 25 people. So that's one of the big changes in the past six months.

MARTIN: So remind us again of, what's the goal here? I mean, and maybe another way of saying that is, what are they targeting in these cyberattacks?

TEMPLE-RASTON: Well, the goal is basically to keep Russian hackers busy. I mean, we know a lot about how Russian hackers are supposed to be so good at hacking into various systems. But what we've learned from the last six months is that they need time to plan. And if they don't have time for planning, it makes it very hard for them to launch something offensively. So IT admin was a little vague about exactly what they're targeting. He always said it's better not to talk about specifics. But he did talk about one, and it was one that I think he was incredibly proud of. And that was - there was this kind of Russian Davos, like this economic forum that happened back in June. And what the IT Army did is they launched this huge denial of service attack, which basically took down their servers. And it delayed Vladimir Putin's opening speech by about an hour. Now, that's not a huge deal. That doesn't stop Russia from fighting. But it's embarrassing, and that's what they wanted. They wanted to basically embarrass him.

MARTIN: So they're not trying to do, say, really big attacks like, you know, take down power grids or whole systems. They're not trying to do that?

TEMPLE-RASTON: No. They're more trying to be irritating, which they're doing very well. I mean, the idea is to keep the Russian hackers busy defending Russian targets instead of allowing them to sort of launch plans against Ukraine. And even the government of Ukraine has said that the IT army has been really surprisingly effective in this way. There's a guy named Victor Zhora, who's one of the key people in Ukraine protecting, you know, sort of the infrastructure networks. And he actually tipped his hat recently to the IT Army. This is what he said.

(SOUNDBITE OF ARCHIVED RECORDING)

VICTOR ZHORA: I don't think it's a good idea to discuss the effectiveness or moral aspects of IT Army. But all of Ukrainians are grateful to people who continue to weaken our adversary.

MARTIN: Let me just ask you this. He mentioned moral aspects of the IT Army. What's he talking about here? Is there some controversy surrounding the group?

TEMPLE-RASTON: Well, there is a little controversy. It was the one thing that IT admin wouldn't talk to us about. And it has to do with this. There's a facial recognition software that they're using in Ukraine. And what the IT Army did is it got a login to get into the system. And it started taking pictures of Russian soldiers who had been killed and then sending those pictures to their families because it was identifying them - right? - and saying, this is what happened to your son. It was sort of like a modern-day Tokyo Rose, you know, attempt to sort of erode morale and support for the war in Russia. And, you know, you have to wonder whether or not this is a good use of the technology or if this is the sort of thing that the IT Army ought to be doing. And so everybody's tried to distance themselves a bit from that. And that's why he's talking about the morality of this.

MARTIN: Is there a way to assess whether the IT Army has played a significant role in the course of the war? Do you have any sense of - do they have any sense of their role this grinding, difficult conflict?

TEMPLE-RASTON: This is the first modern war in which cyber and kinetic operations are used hand in hand. And there are things you could do, like take down a power grid, or in the case the Russians did do, they took down a satellite system using cyber. So it made it really hard to do command control on the ground - for the Ukrainians to do command and control on the ground in the early days of the war. So, yes, that makes a difference.

What the IT Army is doing is basically making it hard for Russian hackers to do the sorts of things that they did in the front end of the war like take down the satellite system or try to plant malware in utilities. And I think this is something we may not see on the ground right now. But when we come back to this, after it's over, I think we're going to find out that cyber can cut both ways. It can seem like something that can help you on the ground, but it also can be something that distracts you from what's going on on the ground.

No comments: