Ukraine ‘hacktivists’ fighting Russia on digital front
When Russia invaded Ukraine in February 2022, Artem knew that he would not “sit idly by”.
With no military experience, he took up arms in a different way: in cyberwarfare, fighting on what he calls the “digital front”.
The 31-year-old is part of the IT Army of Ukraine — a group of volunteer hackers first set up in the wake of Russia’s devastating attack, that has since hugely grown in importance.
It is one of a flurry of hacker groups that have flourished in wartime, countering Russia from behind their screens and operating in a legal grey area.
“We are causing moral and economic damage to the aggressor country,” Artem, who did not want to give his surname, told AFP in a Kyiv cafe.
The hacker group was born out of a call 48 hours into Russia’s invasion by Ukraine’s Digital Transformation Minister Mikhailo Fedorov for Kyiv to create an “IT army”.
‘Worrying trend’
On paper, Ukraine’s volunteer hacker groups are independent from the state.
But three groups of hackers AFP spoke to said they have strong links with authorities, with some openly carrying out joint operations with Ukraine’s intelligence services.
On the other side of the digital frontline sit Russia’s own hackers, who boast a long established reputation as fiercely effective.
Hacker volunteers like Artem — who carried a backpack with a Ukrainian trident on it — have caused some concern internationally, as the trend puts civilians at the heart of wartime operations.
“Civilians engaging in digital warfare is a worrying trend,” the International Committee of the Red Cross (ICRC) has said.
International law does not prohibit hacking outright, but it imposes clear rules, such as not hitting civilian targets, according to the ICRC.
Artem stressed that he sees himself not as a hacker per se, but as a “hacktivist.”
“These are different concepts. A hacker is more about hacking and stealing,” he said, claiming that his group has ethical norms.
“But our country is at war, and we believe we have the right to defend ourselves on all fronts.”
‘Red lines’
The IT Army of Ukraine said it has some “red lines,” insisting it does not attack humanitarian or health services.
But it sees financial sectors as legitimate targets, even if attacks affect civilians.
“Cyber war is a war against the economy,” a spokesman for the group who uses the pseudonym Ted, told AFP.
Ted sees his work on par with massive Western sanctions on Russia.
He conceded there should be stricter rules in cyberwarfare, but added: “Let’s be frank, what punishment can we impose on Russia for not following the rules? Nothing.”
The IT Army of Ukraine has boasted of disrupting life in Russia.
It claims to have blocked payment services in Russia before the New Year, causing economic losses, and to have paralysed some Russian airports last October.
They typically use distributed-denial-of-service (DDos) attacks — a relatively simple tactic that aims to bring down IT systems by overloading them with masses of network requests.
‘Extra hands’
Other cyberwarfare groups have said they are more focused on collecting confidential information.
One of them, the Cyber Regiment which is made up of around 50 people, said it helped Ukrainian forces to localise and “destroy” dozens of Russian units.
AFP was not able to verify these claims.
Sergii Laba and Mikhail Kunynets, Cyber Regiment’s co-founders, insisted they do not take “orders” from authorities.
But they admitted to helping with requests from security services.
“After all, we have the same goal,” said Laba.
He said the cyber volunteers serve as “extra hands” for the security services, which face a far larger enemy.
Nikita Knysh, of the “Hackyourmom” group, describes a similar relationship.
“Do they pay me? No. Do I send them information? Yes,” he said.
He said he was employed by Ukraine’s SBU security service before Russia invaded.
“If you can hack, they will always want to use your services,” he said.
‘Recognition’
Ted, of the IT Army of Ukraine, said the group has an “unofficial” relationship with authorities.
In February, the group had claimed an attack alongside the country’s GUR military intelligence against a piece of Russian drone control software.
Ukraine’s Digital Transformation ministry declined to comment when contacted by AFP.
But Ted said that “as long as there is a grey area,” the authorities cannot openly show their support to the hackers in order to avoid legal consequences.
He hoped that the IT Army of Ukraine will one day operate within the “legal space” — something that could secure the country’s computer warriors, now operating largely in the shadows, more awareness and gratitude.
“People who gave so much time to this at least want some official recognition.”