The role of cloud services, public tools in the Russia-Ukraine cyber conflict

As Russia’s invasion of Ukraine continues for the third week, researchers have explored how cloud technologies are contributing to the conflict — at least, on the virtual battleground. 

When Russia crossed into Ukraine in February, this triggered action online. 

Ukraine had already experienced multiple attacks leading to website defacement, Distributed Denial-of-Service (DDoS) outages, and the use of destructive wiper malware. Anonymous hacktivists then became involved, and Ukraine’s government called for volunteers with cybersecurity skills to help protect critical infrastructure. 

By March, Ukraine had started forming what officials called an “IT army” tasked with network defense — as well as offensive counterattacks against Russian threat actors.  

According to new research conducted by Aqua Security’s Team Nautilus, cloud technologies now play a role in the digital side of the conflict. 

The team has tracked code and tools in public repositories, including Docker container images, code libraries, and popular software packages such as PyPI, npm, and Ruby.

Team Nautilus searched for names, guides, and tools promoted for use in cyberattacks by either side. In total, roughly 40% of these public repositories were “related to denial-of-service activity aimed to disrupt the network traffic of online services,” according to the researchers. 

Aqua Security Aqua

Read More: