Fighting the aggressor on the cyber front: How Ukraine’s IT army works

On February 26, the Ministry of Digital Transformation initiated the creation of the IT Army of Ukraine. Its main task is to fight the aggressor country online. AIN.Capital journalist spoke to Mstyslav Banik, head of electronic services development at the Ministry of Digital Transformation, who shared the tasks of the IT Army and the results of its fight on the cyber front in 20 days of the war.

What the IT Army is and how to join

IT Army of Ukraine is a volunteer initiative. It unites over 260,000 Ukrainian and international IT specialists, cyber specialists, creative industry workers, and other people fighting against the occupant online. Anyone can join the cyber army. Just subscribe to the Telegram channel of the IT Army of Ukraine project, which publishes current tasks.

How the cyber army works and its achievements

“The actions of the IT army are primarily aimed at disrupting the availability of Russia’s digital resources. In the first days of the war, the main task of the specialists was to paralyze the websites of state institutions and corporations,” says Mstyslav Banik, head of electronic services development in the Ministry of Digital Transformation. However, given that the population and businesses of the aggressor country supported the actions of the Russian leadership in every possible way, the IT army began to attack the resources they use.

Thus, a few days after Russia attacked Ukraine, the Russian media wrote en masse about large-scale and unprecedented cyberattacks on their government service sites. We are talking about more than 50 DDoS attacks with a capacity of more than 1 TB.

In just a few minutes, we shut down the Russian government services portal, the Moscow Exchange, websites of TASS, Kommersant, Fontanka, and other leading Russian media outlets. Ukrainian cyber forces are working, Russian sites are resting,” Banik said.

The attack vector of the IT army forms dynamically, but the main ones are the following:

• the resources of government agencies;
• corporations;
• telecom operators;
• banks;
• credit unions;
• electronic digital signature services;
• a number of consumer services used by the population: food delivery services, cinemas, pharmacies.

IT army specialists often take a creative approach to tasks. For example, this is how the websites of the Federal Penitentiary Service, the Ministry of Culture, the Ministry of Energy, Rosatom, and several other Russian institutions looked after the March 8 cyberattacks:

In addition to blocking Russian resources, the IT Army’s tasks include disseminating truthful information about the war in Ukraine to the population of the aggressor country and pressuring companies that do not want to withdraw their businesses from Russia. One of the most recent cases is the German supermarket chain METRO. The task of the IT Army was to leave a negative comment on the company’s Facebook page with the following content: Russia started the war in Ukraine. Russia kills innocent people in Ukraine. You support Putin and Russian aggression. Still clear consciousness? #shameonmetro #StopFinancingRussia. After that, IT soldiers would go to Google Maps and crash the METRO page ranking there.

“Russia has never been under such pressure or suffered such losses. Ukrainians are rallying to protect their state, families, and homeland. No one stands aside. Every crime, every shelling that the invaders commit against Ukraine unites everyone even more,” Mstyslav Banik emphasizes.