reading 7 - conflict in space and cyber space Flashcards

1
Q

the evolution of the IT army of Ukraine

intro

A
  • sep 2020 Belfer Center: National Cyber Power Index = Ukraine 26/30, Russia 4/30
  • sep 2022: Ukraine ranks 12/30, Russia 3/30

-> how did Ukraine jump 14 ranks within just 2 years? why is the 3rd most powerful cyber nation unable to dominate Ukraine in cyberspace?

= calculating cyber power = inherently difficult, complex and maybe futile -> we don’t fully understand it
(Ukraine IT Army + ability to mobilize volunteers around the globe to perform DDoS attacks -> defies assumptions of centralization and state sov that underpin the term power)

the barely existing public discussion of the IT Army doesn't discount the relevance, effectiveness and impact the IT Army is already having

“The IT Army is Ukraine’s most effective and proven tool to wage economic and information warfare in and through cyberspace against the Russian Federation. In its current form, it is neither civilian nor military, neither public nor private, neither local nor international, and neither lawful nor unlawful. The IT Army is a unique phenomenon the world has never seen before.”

2
Q

the evolution of the IT army of Ukraine

  • what is the IT Army of Ukraine?
A

Fedorov (minister of digital transformations) = IT Army of Ukraine

  • Fedorov saw that achieving dominance in the information warfare space (i.e. propaganda) was necessary to increase public support of the gov
  • Feb 26 Telegram channel where anyone across the globe could access relevant info

first task = use any vector of cyber and DDoS attacks on 31 Russian banks, businesses, and gov websites = IT Army really efficient DDoS (keeping sites down for weeks)

eco-system has latched onto activities of the IT Army: other DDoS groups, tool developers, hacktivists, data leak hosting platforms, code hosting platform (GitHub, owned by Microsoft)

IT Army also maintains in-house team:

  • deface Russian websites to spread disinformation and sow mistrust
  • almost took out RuTube
  • sabotage Rossgram (instagram clone)
  • breached network of LOESK thermal power plant -> could manipulate electricity in St. Petersburg and Leningrad oblast + leaked internal documents and passports scans
  • campaign against Gazprombank (which the bank recognized was well done)

managerial takeover of IT Army by the Ukrainian intelligence service and ministry of defense -> more refined, intelligent, targeting process

3
Q

the evolution of the IT army of Ukraine
what makes the IT Army problematic?

A

IT Army assembles, trains and directs people across the globe to participate

-> neither NATO nor EU member states have figured out what the legal status of those citizens is + who are participating while being in NATO/EU territory

IT Army’s targeting selection has expanded -> target unis to obstruct enrollment + websites of pharmacies, food delivery systems, movie theaters etc. = to disrupt society and econ at large

EU no clue how to categorize/handle EU citizens that participate in the IT Army = they are cyber criminals that need to be prosecuted, but how?

first look into the organization = Dutch interview with Dutch Special Forces veteran part of the inner circle of the IT Army -> ~25-30 generals form the management (employees of secret service + Ukrainian gov), colonels (incl. the interviewee) below that are manually selected and participate in offensive actions

  • participants should be seen as replaceable and discardable pawns used by Kyiv
  • BUT: few volunteers realize if you actively participate in cyber war, you are automatically considered a combatant in that war

volunteers that actively contact the IT Army to offer their skills and get accepted likely have previous intelligence or military experience

it is unclear how many volunteers apply, but they are looking for a separate person to manage it -> suggests it's a lot

another issue = people are urged to use virtual private networks (VPNs) for their DDoS attacks -> ability to cloak your public IP behind a server in another country
- or use virtual machines (VMs): virtual machine on the cloud server will run the attack

two additional problem sets:

  1. IT Army officially partnered with IPStress.in = cybercriminal enterprise
  2. cloud service providers IT Army misuses are hosting Ukrainian gov data -> unclear whether and how Amazon, Microsoft and Google are balancing risks between helping the Ukrainian gov survive and their own services and infrastructure being misused by the IT Army
4
Q

the evolution of the IT army of Ukraine

  • where is the IT Army evolving toward?
A

it is flexible and well-managed enough to evolve

IT Army has been attempting to counter-act and find workable solutions to stem the continuous decrease in user participation
(losing customers bc: not seen as novel anymore + boredom due to repetitive tasking + ongoing kinetic war remains largely unaffected)

  • introduce way for people to track their own personal DDoS statistics
  • set Telegram bot to automate the timing of the DDoS attacks = no longer have to do it themselves

= direction towards automatization and gamification

overall the IT Army of Ukraine will highly likely become the first Ukrainian advanced persistent threat (APT) actor

  • APT = state actor that uses continuous, clandestine and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period of time, with potentially destructive consequences
5
Q

the evolution of the IT army of Ukraine
is the IT Army a model for others to emulate?

A

govs around the world will likely adapt, emulate and learn from the multitudes of ad-hoc projects that are currently enabling the Ukrainian gov to resist and fight back against Russia in and through the cyber space

Western militaries will likely be unable to officially stand up their own versions of the IT Army: domestic legal hurdles + growing awareness the IT Army setup likely violates int’l law (state sovereignty) + undermines norms regarding state behavior

instead: intelligence services likely take the lead in outlining, pre-planning and testing a variety of IT Army-like structures, narratives and trigger events that will mobilize volunteers around the globe into action when needed

  • social causes and non-governmental organizations might potentially be used as cover identities or might be indirectly enabled to replicate ad-hoc IT Army-like structures to run their own campaigns in and through cyberspace.

another worrying potential = shift from DDoS to popularization of other attack vectors (e.g. ransomware campaigns)

Taiwan’s intelligence community might be likeliest to successfully replicate current IT Army setup in reaction to imminent/ongoing Chinese invasion of the island: IT Army would likely continue activities even after the capital has fallen (the one entity that can continue to fight and evolve no matter dev on the kinetic battlefield)
