Russian military vehicles on the city street showing hacker collective Anonymous waging cyber war

“Anonymous” Hacker Collective Declares Cyber War Against Russian Government Over Ukraine Invasion

The hacker collective “Anonymous,” famous for engaging in hacktivism campaigns since the early 2000s, has pledged to digitally fight against Russia as it invades Ukraine. The group has been active in its cyber war in the early days, leaking Russian Ministry of Defense documents and cutting into Russian television feeds among other actions.

The move continues a sharp focus on activism for the group, which has ranged across a broad variety of targets (from NASA and the Canadian government to ISIS and the Ku Klux Klan). After a period of dormancy that lasted several years, the group re-emerged in 2020 with a long string of campaigns that appear to strongly favor Democrat domestic political interests and general United States foreign policy positions. The group’s alignments raise the question of its actions being viewed as a US-supported attack on Russia, possibly escalating the situation and leading to retaliation as the hacker collective threatens to take the country’s industrial control systems “hostage.”

Hacker collective looks to stymie Russian advance with doxxing, information warfare

Non-technical media reporting on Anonymous often confuses the hacker collective with a discrete group operating in a formal hierarchy. A more accurate description is a general banner under which individual actors can choose to organize for any specific or limited purpose.

The confusion is understandable given the recent change in direction the group has experienced, particularly the way it has crystallized around the “youranoncentral” and “youranonnews” Twitter accounts (at least in terms of public and media perception of the group). Both accounts were founded in early 2011 and were relatively low profile for most of their existence, but experienced a sudden surge of millions of followers in 2020 and have essentially become the public relations face of the movement.

The idea of a public media presence of this nature would likely have been confusing and ridiculous to the original participants organizing on 4Chan in the early-mid 00s, who mostly focused on “raids” of gaming and media sites “for the lulz” with little to nothing of an activism component. The activist turn began roughly around 2010, gradually building to the point that the group (at least as reflected by the two most popular Twitter accounts) appears to be something of an unofficial private security or mercenary company that usually finds itself in alignment with Western intelligence agencies.

This present incarnation of the hacker collective opened up its cyber war against Russia by temporarily taking down a number of government websites, including those of the Kremlin and the Defense Ministry, as well as that of media company Russia Today (RT). A “soft power” news network broadcast widely around the world (and long considered a propaganda outlet for the Putin administration), RT has also since been banned by the European Union and voluntarily dropped by some US service providers such as DirecTV. The sites were taken down with distributed denial of service (DDoS) attacks, and have reportedly been going up and down for several days.

The opening salvo of the cyber war was accompanied by a message of intent posted on Twitter: “The Anonymous collective is officially in cyber war against the Russian government. #Anonymous #Ukraine.” The Kremlin denies that the hacker collective is responsible for the site outages, but did not offer an alternate explanation.

Anonymous has since ramped up its cyber war with a doxxing campaign. The group has released 200 GB of documents and emails belonging to the Russian Ministry of Defense, and an additional 200 GB of emails from Belarusian weapons manufacturer Tetraedr (which has provided logistical support to Russia during the invasion). The hacker collective has also reportedly hacked several Russian state-run TV stations and inserted alternate news coverage and annoying songs into broadcasts.

Could a private cyber war cause escalation?

One of the central factors in the global response to Russia is that country’s massive nuclear arsenal, and a desire to avoid NATO involvement in a war that could spiral into something even more serious for the entire world. Thus far, the hacker collective’s actions are still close enough to the “cyber mischief” category that they are unlikely to prompt some sort of incendiary response.

However, it is possible that could change if Anonymous follows through on a threat to attack Russia’s industrial control systems. A claimed attack on Russia’s space agency, which a group aligned with Anonymous says disabled the country’s spy satellites, is being denied by the Kremlin. However, in its response to the story Russia said that it would take an attack on its satellites as an act of cyber war. One might assume the same for an attack on aspects of critical infrastructure, such as the power grid and water supplies.

Of course, accusations of cyber war would be difficult to justify as the hacker collective is not officially affiliated with any nation-state. However, it is hard not to notice how it has aligned specifically with US interests since 2020 (and particularly the ruling Democrat party). At minimum, Russia might use Anonymous’s public Twitter history as justification to accuse the US and EU of harboring cyber criminal elements in the same way that Russia has been known to harbor ransomware gangs.