A cyber attack carried out by a group called Belarusian Cyber Partisans (BCP) on Jan. 24 briefly paralyzed the Belarusian railway system and threatened to cripple trains bringing Russian troops and artillery into the country.
The attack, which was part of a broader project by the group targeting state institutions and the regime of longtime leader Alexander Lukashenko, could be a sign that activists in the wider region, including Russia, will employ more cyber tactics, they said Experts.
“The BCP were so spectacular and effective that I could definitely see a few other groups popping up in the region,” Gabriella Coleman, a Harvard University anthropology professor and author of two books on computer hacking, told the Moscow Times.
The number of hacktivist groups — activists who use technology to bring about social change — has increased raise across Russia in recent years and with brute force raids in public protests sweep In the entire post-Soviet region, cyberspace is perhaps the safest place for collective discord.
“Clearly in Russia there is a highly skilled technical class of people and there is discontent, so you would expect to find at least a small pocket of hacktivism,” Coleman added.
Hacktivist tactics, popularized by the group Anonymous over the past decade, have been responsible for a number of high-profile attacks across Russia, including a series of “hack and leaks” by cyber group Shaltai Boltai – which translates to “humpty dumpty “ means – the exposed Kremlin tactics in the 2014 annexation of Crimea.
Experts say a glut of tech specialists in Russia and the lack of a significant tech sector to employ them tends to attract those who feel disenfranchised in the world of hacktivism. But many more would-be hacktivists eventually become hackers.
“There’s just so much money to be made from illegal hacking,” Coleman said.
Additionally, an alleged tacit agreement between cybercriminals and the state has historically allowed hackers to operate in Russia with relative impunity provided they do not operate in the .ru domain.
A London time report Last year it was detailed how two of Russia’s most notorious hackers, Maksim Yakubets and Igor Turashev of the Evil Corp group, lead lavish lifestyles in Russia despite being behind the creation and distribution of malware that has killed over 100 million US Dollars have been stolen from banks, charities and financial institutions over the last decade.
As a spate of cyberattacks, including one that targeted 70 Ukrainian government websites last week, suggests cyberattacks are becoming a growing part of Putin’s playbook, the move to institutionalize those skills means capturing hackers as a potential asset to the State security to be considered a threat.
“There could be potential hacktivists working for the state,” Coleman said, adding that Russia is better equipped than Belarus to deal with cyber threats.
BCP set out to uncover the outdated institutions Lukashenko heads, said Yulia Shemetovets, a spokeswoman for the group.
“Many companies don’t even use licensed software; they use old computers and the regime does not invest enough money in these infrastructures,” she told the Moscow Times.
In contrast, Russia pledged 28 billion rubles ($362 million) for cybersecurity in 2020, building a series of “cyberpolygons” across the country to expand its cybersecurity training and education programs.
However, as Coleman pointed out, “security across the board is still not good enough. There are so many vulnerabilities.”
An October report in the Vedomosti business daily found that 16% of cyberattacks in Russia are carried out by hacktivists, with one in five cyberattacks being carried out against government institutions.
While many of these can be quickly foiled, Oleg Skulkin, head of the digital forensics and incident response team at cybersecurity firm Group-IB, told The Moscow Times that the threat of hacktivism should not be overlooked.
“The threat of hacktivism should not be underestimated. They are also cybercriminals, only their motivation is different. Their actions can cause just as much damage as traditional cybercrime attacks. As we can see, they can use the same methods and use the exact same tools,” Skulkin said.
Although hacktivism does not pose as much of a threat to the cyber community as financially motivated hackers, organizations have a greater chance of regaining control of the server if money can be used as a bargaining chip. When hacktivists target you, there is little you can do except submit to their demands, he said.
“The high risk of hacktivism and the fact that you need skill means that when you’re hacking, you’re never going to see any real mass movement,” Coleman said. But that doesn’t mean it can’t be used as an important tool of political opposition, she added.
“It’s something that’s entered the cultural imagination recently,” Coleman said, “the BCP isn’t the first to use sabotage, but it’s the first to be well organized and carry it out in a very deliberate way.” I think they really believe that these tactics can be used successfully.”