Ukraine is under cyberattack. A small, roving group of hackers called CyberBerkut is trying to humiliate the pro-Western government in Kiev by leaking details on everything from government officials’ personal lives to international arms deals. But, even scarier, CyberBerkut is using methods that pale in comparison to the much larger, more sophisticated digital cannon that can be traced straight back to the Kremlin.
CyberBerkut is a pro-Moscow hacking collective that has breached Ukrainian government and military networks and launched distributed denial-of-service attacks against Western targets, all in an attempt to embarrass Ukraine while conveniently boosting the hackers’ own profile.
This week the group leaked documents to Russian media that seem to prove a Ukrainian state-owned defense company is planning to sell fragmentation bombs to Qatar. Last month Russian media alsopublished documents (provided by CyberBerkut) insinuating that Ukraine sold surface-to-air missiles to Qatar and, ultimately, the Islamic State group (a favorite claim of Russian and Iranian state media).
It’s all part of a propaganda campaign starring Russia’s own version of Anonymous. The group, made up of at least four people who came together in 2014, is the most visible example of a proxy hacking collective launching strikes against Ukraine — with at least implied authorization from the Kremlin.
Researchers have tracked the group to Ukraine, where a sizable segment of the population in the eastern region of the country is more sympathetic to Russian influence.
“They’re Ukrainians,” said Mikko Hypponen, chief research officer at F-Secure, a cybersecurity company that closely tracks Russian cybercrime. “It’s a voluntary cyber offensive unit that’s not closely affiliated with any government. All the ex-Soviet countries — including Russia, Estonia, Latvia and of course Ukraine — have always been very active in regards to cyber. If you look at the map CyberBerkut is located right in the middle of that.”