Ukraine, Russia, hacking, and misinformation

Note: This was originally published as the daily newsletter for the Columbia Journalism Review, where I am the chief digital writer

As soldiers and civilians in Ukraine continue to resist an invasion by Russian troops. a very different kind of war is being fought on a separate front: namely, the internet. Within hours of Russian troops attacking cities and government facilities in Ukraine, hackers—including some who claimed to be affiliated with the underground group known as Anonymous—went after a number of Russian government sites and systems. Some of these cyber-attacks appeared to be designed just to cause annoyance, while others were aimed at shutting down the Russian government’s operational abilities, or revealing what military intelligence officials in Russia might know. Along with the hacking of computer systems, the battle has also seen attempts by Russia to hack information networks, by using propaganda and misinformation on social and traditional media.

Some of the cyber-hacking attempts are from random vigilantes trying to have some impact on the broader conflict, but some were invited by the Ukrainian government itself. Messages started to appear on a variety of hacker forums starting Thursday morning asking for volunteers to protect critical infrastructure and conduct cyber missions against Russia, according to a report from Reuters. “Ukrainian cybercommunity! It’s time to get involved in the cyber defense of our country,” the posts read, asking hackers to apply via Google docs. Yegor Aushev, co-founder of a cybersecurity company in Kyiv, told Reuters he was asked to write the post by a senior Defense Ministry official.

Groups of pro-Ukrainian hackers have also come together to launch a variety of attacks on Russian infrastructure and command-and-control systems, Politico reported. And a group of “hacktivists” based in Belarus who are opposed to Russia’s invasion, known as the Belarusian Cyber Partisans, said they have created a tactical organization to help Ukraine’s military fight against Russia. The group claimed in January that it had encrypted parts of the computer systems used by the state railway in Belarus, in an attempt to slow down the movement of troops by rail, since the government in Belarus is friendly towards Russia and attacks on Ukraine might begin there (which they did).

One of the main things Ukrainian officials wanted hackers and cybersecurity experts to do is protect the country’s critical infrastructure from Russian hackers. This is more than a theoretical threat: in 2015, a cyberattack crippled power plants and left 225,000 Ukrainians without electricity, and many believe hackers affiliated with the Russian government caused the outage. Last week, a piece of malicious software—one that infects computers and then wipes them of data—was found on a number of critical systems in Ukraine, including several government agencies and a financial institution, and suspicion has fallen on Russia as the source of the cyber-attack.

In July of 2017, the night before Ukrainian Constitution Day, a major global cyber attack that later came to be known as NotPetya caused an estimated $10 billion in damages globally, and about 80 percent of the infections occurred in Ukraine, according to a number of analysts. The consensus among a number of countries, including the US and UK, is that Russia was behind the attack, which leveraged a kind of attack that the National Security Agency in the US has used in the past (the attack methods were leaked in 2017). And while some hackers have aligned themselves with Ukraine, others have made it clear they are on Russia’s side: the Conti ransomware operation, for example, has threatened attacks on Ukrainian infrastructure, according to security analyst Brett Callow.

In terms of attacks and defensive measures in social media, Russia’s state censor announced late last week that it would start throttling access to Facebook because the social network limited the reach of Russian media outlets, according to Kevin Rothrock, an editor with the independent media outlet Meduza, which publishes news about Russia in English, and is based in Latvia. YouTube announced on the weekend that Russia Today, the state media outlet, would no longer be allowed to monetize its content on the video-sharing network, and Russian media outlets will not be allowed to advertise on other Google services such as Gmail either, the company said.

Along with the hackers for both governments, the ones that have been officially drafted and the ones that have volunteered, there are also social-media accounts filling a different role that is also commonplace during wartime: namely, profiteers. Taylor Lorenz wrote for Input magazine about a wave of Instagram accounts that have been posting misinformation about the conflict in Ukraine—not because they are working for Russia or Ukraine, or even care about the specifics of the conflict, but because they want to go viral, in order to generate as much advertising revenue as they can. “What I’m trying to do is get as many followers as possible by using my platform and skills,” the administrator for @livefromukraine and @POVwarfare told Lorenz.

Here’s more on the Russia/Ukraine conflict:

Intelligence: The Harvard Gazette spoke with Lauren Zabierek, a former intelligence officer in the Air Force and currently director of the Cyber Project at Harvard’s Belfer Center for Science and International Affairs, about Russia’s cyberwarfare capabilities, and what a cyberattack against the U.S. might look like. “We don’t have any indications of immediate attack,” she said, “but we do know that Russians have at least conducted reconnaissance activities against our critical infrastructure for years and may have implanted some sort of tools to impact these services in response to US or allied foreign policy action.”

Free tools: Runa Sandvik, a security analyst who has worked with journalists at the New York Times and Freedom of the Press Foundation, offered on Twitter to give any journalists in Ukraine free virtual private network accounts so they could access the internet anonymously. And FlokiNET, a hosting service based in Finland that says it provides a safe place for activists and whistleblowers, offered its tools to journalists as well: “If you are Ukrainian journalist / newsagency and require ressources like webspace / server / ddos protection please reach out to us we want to offer you our infrastructure.”

Debunking: Renee DiResta, technical research manager at the Stanford Internet Observatory, said on Twitter that “the proliferation of video content purportedly coming out of conflicts zones is a challenge for debunkers, but nearly impossible for ordinary audiences. Reverse image search doesn’t perform well [and] it’s essentially impossible to do from an app like TikTok.” Jared Holt and Sam Thielman put together an edition of their newsletter with links to reputable sources for information on the Russian invasion of Ukraine, including Bellingcat and Jane Lytvynenko of Harvard’s Shorenstein Center.

Other notable stories:

The European Union said Sunday it would ban media outlets Russia Today and Sputnik, according to a report from Variety. Ursula von der Leyen, the president of the European Commission, said that the EU would ban “Kremlin’s media machine,” and that RT and Sputnik, as well as their subsidiaries, would no longer be able to “spread their lies to justify Putin’s war and to sow division in our union.” Von der Leyen also said the EU was developing tools to “ban the toxic and harmful disinformation in Europe.” In Britain, RT is under review by the media regulator, and it was suspended in Australia on Saturday.

CNN determined that the network’s former marketing chief provided guidance to then-anchor Chris Cuomo as he tried to help then-New York Gov. Andrew Cuomo deal with allegations of sexual misconduct, the Wall Street Journal reported, quoting people familiar with the matter. Allison Gollust, who resigned last week as CNN’s marketing and communications chief, “denied offering advice to Andrew Cuomo and said the notion that her communications with Chris Cuomo could be considered as such was ‘patently ridiculous.’”

Vice writes about Elena Chernenko, a journalist for the Moscow daily Kommersant, who woke up Friday to find out that her access to government officials had suddenly been revoked. “Her crime? Publishing an open letter not criticizing the government but voicing her opposition to war. Over 280 other journalists signed Chernenko’s letter, including some who are employed directly by the Kremlin at state-run news agencies.”

The International Coalition of Investigative Journalists helped create a partnership of more than 30 media companies in 22 countries to investigate leaked documents from Ericsson, which the ICIJ says “detail alleged corrupt practices in 15 countries, including in Iraq, where the Swedish telecom giant may have made payments to ISIS.” The leaked documents include 73 pages of the explosive 79-page internal report, which presented the findings of a fraud investigation into an Iraqi project called Peroza.

Kyle Pope, editor of CJR, writes about the crisis in Ukraine and how it requires us to break our worst habits. “We are facing days, if not weeks and months, of horrific stories and images out of Europe,” he writes. “The crisis in Ukraine will test the world’s newsrooms to steer clear of grandstanding, avoid nationalism, prize reporting on the ground, and limit what we say to what we know. That could well prove to be too much to ask; in some cases, it already has. But at this point, early into this awful war, some of our biggest newsrooms are passing the test.”

Chris Licht, the producer who created “Morning Joe,” revamped “CBS This Morning” and revitalized “The Late Show with Stephen Colbert,” has been selected to run CNN once Discovery merges with WarnerMedia this spring, CNN reported, according to three sources with knowledge of the plan. “The parties involved have not yet commented on the anticipated appointment. But Licht’s hiring will be announced next week, one of the sources said. Licht is currently the executive producer and showrunner of “The Late Show” and executive vice president of special programming at ViacomCBS.

Facebook is failing to label many posts from websites most likely to publish climate change misinformation, according to a new report from a British watchdog group, the Nieman Journalism Lab reported. The group, the Center for Countering Digital Hate, looked at a small sample of English-language articles related to climate change from publishers the group had previously named to its “Toxic Ten” group, Nieman Lab reports. “In November 2021, CCDH found that this group of 10 websites — including Breitbart, Newsmax, and the Daily Wire — was responsible for nearly 70% of engagement with climate denial content.”

Leave a Reply

Your email address will not be published.