The Russian government released a large list on Thursday containing 17,576 IP addresses and 166 domains it says are behind a series of distributed denial-of-service (DDoS) attacks directed against its domestic infrastructure as the ongoing Russia-Ukraine war escalates.
The US FBI, CIA and the websites of several media outlets such as USA Today, 24News.ge, megatv.ge, and Ukraine’s Korrespondent magazine were among the notable domains in the list released by Russia’s NCCCI. The agency’s recommendations to fight DDoS attacks include ringfencing network devices, enabling logging, changing passwords connected with key infrastructure pieces, turning off automatic software upgrades and disabling third-party plugins on websites.
The move comes as the ground conflict has been reinforced by a torrent of cyber attacks in the digital sphere, with hacktivist groups and other cyber actors assisting the two countries in attacking government and commercial websites and leaking massive amounts of personal data.
Even as major internet failures have been reported in several parts of Ukraine, such as Mariupol and Sumy, according to global internet access watchdog NetBlocks, Russia is alleged to have implemented extensive limitations on Facebook access within the country.
The US Treasury Department announced sanctions against a number of Russian oligarchs and entities for giving direct and indirect support to the government and conducting worldwide influence operations “aimed at creating discord on social issues in Ukraine.
Finally the researchers concluded that ,” Lone-wolf and organised threats actors with the right cyber abilities can attack their country’s adversary directly them in a coordinated attack. These operations, when combined with the employment of specific malware meant to ‘setup’ the physical battlefield, might become a more widely used approach to damage a country’s defence capabilities, essential infrastructure, communication streams.”