The Media Today

Ukraine, Russia, hacking, and misinformation

February 28, 2022 By Mathew Ingram
Ukrainian flag displayed on a laptop screen and binary code code displayed on a screen are seen in this multiple exposure illustration photo taken in Krakow, Poland on February 16, 2022. (Photo illustration by Jakub Porzycki/NurPhoto via AP)

As soldiers and civilians in Ukraine continue to resist an invasion by Russian troops, a very different kind of war is being fought on a separate front: the internet. Within hours of Russian troops attacking cities and government facilities in Ukraine, hackers—including some who claimed to be affiliated with the underground group known as Anonymous—went after a number of Russian government sites and systems. While some of these cyber-attacks appeared to be designed just to cause annoyance, others were aimed at shutting down the Russian government’s operational abilities, or revealing what military intelligence officials in Russia might know. The battle has also seen attempts by Russia to hack information networks, by using propaganda and misinformation on social and traditional media.

Some of the cyber-hacking attempts were invited by the Ukrainian government itself. Starting Thursday morning, posts started to appear on a variety of hacker forums, asking for volunteers to protect critical infrastructure and conduct cyber missions against Russia, according to a report from Reuters. The posts call on the “Ukrainian cybercommunity” to “get involved in the cyber defense of our country,” and invite hackers to apply via Google docs. Yegor Aushev, co-founder of a cybersecurity company in Kyiv, told Reuters he was asked by a senior Defense Ministry official to write the posts.

Groups of pro-Ukraine hackers have also come together to launch a variety of attacks on Russian infrastructure and command systems, Politico reported. And a group known as the Belarusian Cyber Partisans, “hacktivists” based in Belarus who are opposed to Russia’s invasion, , said they have created a tactical organization to help Ukraine’s military fight against Russia. The group claimed in January, ahead of Russia’s recent invasions, that it had encrypted parts of the computer systems used by the state railway in Belarus, in an attempt to slow down the movement of Russian troops by rail.

Ukrainian officials hope that hackers and cybersecurity experts might protect the country’s critical infrastructure from Russian hackers—a concern that is more than theoretical. In 2015, a cyberattack crippled Ukraine’s power plants and left 225,000 Ukrainians without electricity; many believe hackers affiliated with the Russian government caused the outage. In 2017, the night before Ukrainian Constitution Day, a ransomware attack that came to be known as NotPetya caused an estimated $10 billion in damages globally, and, according to analysts, was concentrated in Ukraine.

The consensus among a number of countries, including the US and UK, is that Russia was behind NotPetya, which leveraged a kind of attack that the US National Security Agency in the US has used in the past. (The attack methods were leaked in 2017.) Last week, a piece of malicious software—one that infects computers and then wipes them of data—was found on a number of critical systems in Ukraine, including those of several government agencies and a financial institution.Suspicion has fallen on Russia as the source of the cyber-attack.

In terms of attacks and defensive measures in social media, Russia’s state censor announced late last week that it would start curtailing access to Facebook because the social network limited the reach of Russian media outlets, according to Kevin Rothrock, an editor with the independent Russian media outlet Meduza, which is based in Latvia. Over the weekend, YouTube announced that Russia Today, the state media outlet, would no longer be allowed to monetize its content on the video-sharing network, and that Russian media outlets will not be allowed to advertise on other Google services, such as Gmail.

Sign up for CJR's daily email

There are also social-media accounts filling a different role that is commonplace during wartime: profiteers. Taylor Lorenz wrote for Input magazine about a wave of Instagram accounts that have been posting misinformation about the conflict in Ukraine—not because they are working for Russia or Ukraine, or even care about the specifics of the conflict, but because they want to go viral, in order to generate as much advertising revenue as they can. “What I’m trying to do is get as many followers as possible by using my platform and skills,” the administrator for @livefromukraine and @POVwarfare told Lorenz.

Here’s more on the Russia/Ukraine conflict:

  • Intelligence: The Harvard Gazette spoke with Lauren Zabierek, a former Air Force intelligence officer and current director of the Cyber Project at Harvard’s Belfer Center for Science and International Affairs, about Russia’s cyberwarfare capabilities, and what a cyberattack against the US might look like. “We don’t have any indications of immediate attack,” she said, “but we do know that Russians have at least conducted reconnaissance activities against our critical infrastructure for years and may have implanted some sort of tools to impact these services in response to US or allied foreign policy action.”
  • Free tools: Runa Sandvik, a security analyst who has worked with journalists at the New York Times and Freedom of the Press Foundation, offered on Twitter to give any journalists in Ukraine free virtual private network accounts so they could access the internet anonymously. And FlokiNET, a hosting service based in Finland that says it provides a safe place for activists and whistleblowers, offered its tools to journalists as well.
  • Debunking: Renee DiResta, technical research manager at the Stanford Internet Observatory, said on Twitter that “the proliferation of video content purportedly coming out of conflict zones is a challenge for debunkers, but nearly impossible for ordinary audiences. Reverse image search doesn’t perform well [and] it’s essentially impossible to do from an app like TikTok.” Jared Holt and Sam Thielman put together an edition of their newsletter with links to reputable sources for information on the Russian invasion of Ukraine, including Bellingcat and Jane Lytvynenko of Harvard’s Shorenstein Center.

 

Other notable stories:

  • The European Union said Sunday it would ban media outlets Russia Today and Sputnik, according to a report from Variety. Ursula von der Leyen, the president of the European Commission, said that the EU would ban “Kremlin’s media machine,” and that RT and Sputnik, as well as their subsidiaries, would no longer be able to “spread their lies to justify Putin’s war and to sow division in our union.” Von der Leyen also said the EU was developing tools to “ban the toxic and harmful disinformation in Europe.” In Britain, RT is under review by the country’s media regulator, and it was suspended in Australia on Saturday.
  • CNN determined that Allison Gollust, the network’s former marketing chief, provided guidance to then-anchor Chris Cuomo as he tried to help then-New York Gov. Andrew Cuomo deal with allegations of sexual misconduct, the Wall Street Journal reported, quoting people familiar with the matter. Gollust, who resigned from CNN last week, “denied offering advice to Andrew Cuomo and said the notion that her communications with Chris Cuomo could be considered as such was ‘patently ridiculous.’”
  • Vice wrote about Elena Chernenko, a journalist for the Moscow daily Kommersant, who woke up Friday to find out that her access to government officials had suddenly been revoked. “Her crime? Publishing an open letter not criticizing the government but voicing her opposition to war. Over 280 other journalists signed Chernenko’s letter, including some who are employed directly by the Kremlin at state-run news agencies.”
  • The International Coalition of Investigative Journalists helped create a partnership of more than 30 media companies in 22 countries to investigate leaked documents from Ericsson, which the ICIJ says “detail alleged corrupt practices in 15 countries, including in Iraq, where the Swedish telecom giant may have made payments to ISIS.” 
  • Kyle Pope, editor of CJR, wrote that the crisis in Ukraine requires the news media—and cable news, in particular—to break its worst habits. “We are facing days, if not weeks and months, of horrific stories and images out of Europe,” he wrote. “The crisis in Ukraine will test the world’s newsrooms to steer clear of grandstanding, avoid nationalism, prize reporting on the ground, and limit what we say to what we know. That could well prove to be too much to ask; in some cases, it already has. But at this point, early into this awful war, some of our biggest newsrooms are passing the test.”
  • Brian Stelter reports that Chris Licht, a producer whose credits include “Morning Joe,” “CBS This Morning,” and “The Late Show with Stephen Colbert,” has been selected to run CNN once Discovery merges with WarnerMedia this spring, citing three sources with knowledge of the plan. Licht is currently executive vice president of special programming at ViacomCBS.
  • Facebook is failing to label climate-change misinformation as such, according to a new report from the Center for Countering Digital Hate, a British watchdog group. The center looked at a small sample of English-language articles related to climate change from publishers the group had previously named to its “Toxic Ten” group, Nieman Lab reports. “In November 2021, CCDH found that this group of 10 websites — including Breitbart, Newsmax, and the Daily Wire — was responsible for nearly 70% of engagement with climate denial content.”
Mathew Ingram is CJR’s chief digital writer. Previously, he was a senior writer with Fortune magazine. He has written about the intersection between media and technology since the earliest days of the commercial internet. His writing has been published in the Washington Post and the Financial Times as well as by Reuters and Bloomberg.