“We’ve never seen all these different players coming out like this before,” says Adam Meyers, vice president at the US cybersecurity firm CrowdStrike.
But when millions of people in city centers are under heavy artillery bombardment, what’s the real value of leaked databases and crippled websites? And how much of an impact has this international “army” really had? It’s hard to tell. When the IT Army sends out an IP address, the target does often go down—usually sooner rather than later. Many Russian sites now work only within Russia itself because they deny all connections from abroad, a defense against international attack without historical precedent on this scale.
But denial-of-service attacks are technically simple, easily reversible, and far less destructive than Russian missiles striking city centers and Ukrainian Molotov cocktails being thrown to repel the invading army.
All of this plays into the information war happening in both countries and around the world. Russia’s attacks against Ukrainian government and financial institutions in the days before the invasion seemed designed to undermine confidence in Kyiv’s leadership. Likewise, the Ukrainian government’s attempts to take down Russian government sites and launch its own messages inside Russia amount to Kyiv’s brand of information warfare. Ukrainian resistance on the ground and on the cyber front is bolstered by support from the West, a crucial lifeline when the country’s capital is almost entirely surrounded.
“Cyber is a tool leveraged in warfare and spycraft,” Meyers says. “There is an open armed conflict happening. This is no different than Ukraine asking people to come to the country to get a Kalashnikov and help fight the Russians on the ground.”
But the picture looks a bit different when you’re in Washington or London. For years Western governments have condemned cyberattacks from Russian soil. What happens now that Ukraine is openly appealing to hackers for help?
“Despite the United States government saying ‘We’re not allowing hacktivists to use American routers to do DDoS attacks on your state propaganda sites,’ Russia is probably not going to believe that,” says Michael E. van Landingham, a former Russia analyst at the CIA. “Russia uses cyber tools as an extension of state power. And Russian leaders mirror-image a lot. I think they’ll perceive attacks from Anonymous or any Western collective as attacks that Western governments promote.”
Much of what the IT Army of Ukraine is promoting is clearly a crime in the United States and every Western country. But the situation raises more than legal questions; it also forces new moral and geopolitical questions to the forefront.
“Governments in the West should strictly enforce laws against hacking against anyone who would attempt to deface or DDoS Russian sites or do anything [illegal] in the cyber realm,” says van Landingham. “That’s the only signaling we have to show it wasn’t a CIA plot, it wasn’t a Cyber Command attack—here’s the person, and here’s what we’re doing about it.”
Despite the chaotic environment, the seeming lack of verifiable major cyber operations coinciding with Russia’s invasion of Ukraine is one of the big unknowns looming over the entire war. Russia has launched devastating cyberattacks on Ukraine in recent years but so far has stuck with traditional warfare since its invasion. The question is whether it may still turn to cyber in the coming weeks and months as the war drags on.