Russia-Ukraine, who are the soldiers that crowd cyberspace?

While Russia is invading Ukraine, multiple forces are joining in the conflict, especially in the cyber space, let’s analyze them

The analysis of the current scenario in cyberspace is not easy due to the presence of multiple threat actors and the difficulty of attributing the attacks.

Security group CyberKnow shared an interesting analysis about the group, their operations and the channels they are using to disclose their operations.

As reported in the following table published by CyberKnow, Russian and Belarussian APT groups (Gamaredon, SandWorm, GhostWrite), ransomware gangs like Conti and Stormous, and groups of alleged activists like are supporting Russia.

Update 3–2 March cyber group tracker: Ukraine-Russia war 2022. – Source CyberKnown

“Here we are, the third update of the Cyber group tracker for the Ukraine-Russia war and I continue to add more groups each day. I am still amazed about the number of groups. It seems with every attack new groups are entering the battle.” reads the post of CyberKnown.

“It continues to be congested and contested — this is an insight into what the global community can expect in any future conflict big or small.”

The level of entropy is maximum and could advantage information warfare operarations and false flag activities.

Recent data leaks of Conti gangs and Trickbot operation revealed support and relationship with the Russian intelligence, this is a scaring scenario because could rapidly extend the battlefield to international organizations operating on a global scale.

The activity of Anonymous and its affiliates could be exploited by nation-state actors to carry out parallel, independent and stealth operations that are advantaged by the pressure of the popular activist on Russian targets.

The attribution of these attacks is quite impossible for this important it is essential to share information on threat actors, this is the only way to dissolve this thick fog.

For real-time updates: https://twitter.com/Cyberknow20

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Ukraine)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.