How does Anonymous attack Russia? Top Six Ways Ranked
Members of the loosely connected collective known as Anonymous have been known to wear Guy Fawkes masks in public.
Jakub Porzycki | Nurphoto | Getty Images
The continued efforts of underground hacktivists known as Anonymous are “embarrassing” Russia and its cybersecurity technology.
That’s according to Jeremiah Fowler, co-founder of cybersecurity firm Security Discovery, who has been monitoring the hacker collective since it declared a “cyber war” on Russia for invading Ukraine.
“Anonymous made Russia’s government and civilian cyber defenses appear weak,” he told CNBC. “The group debunked Russia’s cyber capabilities and successfully embarrassed Russian businesses, government agencies, energy companies and others.”
“The country may have been the ‘Iron Curtain’,” he said, “but with the scale of these attacks by an army of online hackers, it’s more like a ‘paper curtain’.” .
The Russian embassies in Singapore and London did not immediately respond to CNBC’s request for comment.
Ranking of Anonymous claims
Although missile strikes are increasingly in the headlines these days, Anonymous and its affiliated groups are not losing steam, said Fowler, who summarized many of the collective’s claims against Russia in a report released Friday.
CNBC grouped Anonymous’ complaints into six categories, that Fowler helped rank in order of effectiveness:
1. Database Hacking
- Publication of leaked information about the Russian military, the Central Bank of Russia, the space agency Roscosmos, oil and gas companies (Gazregion, Gazprom, Technotec), the property management company Sawatzky, the broadcaster VGTRK, the IT company NPO VS, law firms and Suite
- Degrade and delete pirated files
Anonymous claimed to have hacked more than 2,500 Russian and Belarusian sites, Fowler said. In some cases, stolen data has leaked online, he said, in such large quantities that it will take years to examine.
“The most significant development would be the massive number of recordings taken, encrypted or posted online,” Fowler said.
The amount of information removed is more difficult to determine, said Jeremiah Fowler. “We may never know the actual number of documents erased or destroyed.”
Pashaignatov | Istock | Getty Images
Shmuel Gihon, a security researcher at threat intelligence firm Cyberint, agreed that the amount of leaked data is “enormous”.
“Right now we don’t even know what to do with all this information, because it’s something we didn’t expect to have in such a short time,” he said.
2. Target companies that continue to do business in Russia
In late March, a Twitter account named @YourAnonTV began posting logos of companies that were supposed to continue doing business in Russia, with a message issuing an ultimatum to withdraw from Russia in 48 hours “or you will be under our target. “.
By targeting these companies, the hacktivists are raising the financial stakes to continue operating in Russia.
“By attacking their data or disrupting their business, [companies] risk far more than lost sales and negative public relations,” Fowler said.
3. Website blocking
Distributed Denial of Service (DDoS) attacks work by flooding a website with enough traffic to knock it offline. A basic way to defend against them is “geolocation blocking” of foreign IP addresses. By hacking into Russian servers, Anonymous allegedly bypassed these defense mechanisms, Fowler said.
“The owners of hacked servers often have no idea that their resources are being used to launch attacks on other servers [and] websites,” he said.
Contrary to popular opinion, DDoS attacks are more than minor inconveniences, Fowler said.
“During the attack, critical applications become unavailable [and] operations and productivity come to a complete halt,” he said. “There is a financial and operational impact when the services that government and the general public rely on are not available.
4. Train new recruits
- Train people to launch DDoS attacks and mask their identities
- Providing cybersecurity assistance to Ukraine
Training new hires has allowed Anonymous to expand its reach, brand and capabilities, Fowler said.
People wanted to be involved, but didn’t know how, he said. Anonymous filled the void by training low-level actors to perform basic tasks, he said.
This has allowed skilled hackers to launch more advanced attacks, such as those by NB65, a hacking group affiliated with Anonymous who claimed this month on Twitter using “Russian ransomware” to take control of the domain, mail servers and workstations of a manufacturing plant operated by the Russian electricity company Leningradsky Metallichesky Zavod.
LMZ did not immediately respond to CNBC’s request for comment.
“Just like in sports,” Fowler said, “the pros get the World Cup and the amateurs get the smaller pitches, but everybody plays.”
5. Hijacking media and streaming services
- Display of censored images and messages on TV showssuch as Russia-24, Channel One, Moscow 24, Wink and Ivi
- Increased attacks during national holidays, including hacking of Russian video platform RuTube and smart TV channel listings on Russia’s “Victory Day” (May 9) and Russian federal real estate agency Rosreestr on “Constitution Day” of Ukraine (June 28)
The Rosreestr website is down, as of today’s publication. Jeremiah Fowler said he was likely taken offline by Russia to protect internal data after being hacked. “Russian journalists have often used Rosreestr data to track down officials’ luxury properties.”
The tactic is aimed at directly undermining Russian censorship of the war, but Fowler said the messages only resonate with “those who want to hear it.”
These Russian citizens may already be using VPNs to circumvent Russian censors; others have been imprisoned or choose to leave Russia.
Among those leaving Russia are the ‘super rich’ – some of whom are leaving for Dubai – as well as professionals working in journalism, technology, law and consulting.
6. Reaching Russians Directly
- Hacking printers and modifying grocery receipts to print anti-war and pro-Ukrainian messages
- Sending millions of calls, emails and text messages to Russian citizens
- Sending messages to users on the Russian social networking site VK
Of all the strategies, “this one stands out as the most creative,” Fowler said, though he said he believes those efforts are waning.
Fowler said his research has found no reason to doubt Anonymous’ claims so far.
“The methods used by Anonymous against Russia were not only highly disruptive and effective, but they also rewrote the rules of conduct for modern, outsourced cyber warfare,” Fowler said.
Information gathered from database breaches can show criminal activity as well as “who is pulling the strings and where the money is going”, he said.
However, most of the information is in Russian, Gihon said. He said cyber scientists, governments, hacktivists and everyday enthusiasts will likely be looking at the data, but it won’t be as many people as one might think.
Fowler said that while Anonymous has received public support for its efforts against Russia, “law enforcement and the cybersecurity community have never looked fondly on hacking or hacktivism.”
Bill Hinton | Moving Moments | Getty Images
Gihon also said he does not believe criminal charges are likely.
“A lot of people they compromised are sponsored by the Russian government,” he said. “I don’t see how these people are going to be arrested anytime soon.”
However, the leaks build on each other, Gihon said.
Fowler echoed that sentiment, saying that once a network is infiltrated, systems can “fall like dominoes.”
Hackers also often overlap each other’s leaks, a situation Gihon called “the bread and butter” of the way they work.
“It could be the start of massive campaigns that will come later,” he said.
The most immediate result of the hacks, Fowler and Gihon agreed, was that Russia’s cybersecurity defenses turned out to be much weaker than previously thought. However, Gihon added that Russia’s offensive cyber capabilities are strong.
“We expected to see more strength from the Russian government,” Gihon said, “at least when it comes to its strategic assets, such as banks and TV stations, and especially government entities.”
Anonymous lifted the lid on Russia’s cybersecurity practices, Fowler said, which is “both embarrassing and demoralizing for the Kremlin.”