Pro-Kremlin hacktivism in Russia mostly fake, Ukraine’s Department of Cyber Information Security chief says

Pro-Kremlin hacktivism in Russia mostly fake, Ukraine’s Department of Cyber Information Security chief says

Since the beginning of Russia’s full invasion of Ukraine, numerous “patriotic” hacktivist groups have emerged launching cyberattacks on targets deemed Russian enemies, but that’s largely a fiction, Illia Vitiuk, the head of Ukraine’s Department of Cyber Information Security said at the RSA 2023 Conference.

According to Vitiuk, more than 90% of cyberattacks targeting Ukraine are either conducted by special services or by state-sponsored groups.

“I do believe that there is no so-called ‘hacktivism’ in Russia at all,” he said.

Most of those “hacktivist” collectives are fronts for various Russian state agencies, and in other cases, they are coerced by the Russian authorities into performing attacks or publishing hacked materials obtained by more established Russian government hacking units.

In February 2022, Russia’s law enforcement conducted several operations against Russian cybercriminal underworld, including the arrest of several members of the REvil ransomware gang.

Vitiuk believes that the arrests were simply intimidation.

“This was an attempt to intimidate them and others to show that you need to work for us,” Vitiuk said. “And now you need to work against Ukraine.”

Situation is different in Ukraine, where hackers have combined efforts to launch attacks on Russian targets, Vitiuk said.

“There were some people that were previously involved and even convicted for hacker activity in Ukraine that came to us and said, 'Now we are fighting with you against Russia, what should we do?'” he added.

Back to the list

Latest Posts

Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

As a result of the operation, 79 arrests were made, 1,393 suspects identified, and over 3,000 electronic devices seized.
2 April 2025
Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

The campaign could involve over 1,500 compromised systems.
2 April 2025
DPRK IT worker threat expands beyond the US, focuses on Europe

DPRK IT worker threat expands beyond the US, focuses on Europe

The schemes come with new tactics, including extortion campaigns and corporate virtualized infrastructure compromises.
2 April 2025