As Russian troops invade Ukraine in a barrage of heavy weapons, pro-Ukrainian attackers are looking to take down www.mil.ru got something unexpected: error 418 where the server says it can’t complete your request because it’s a teapot.
The teapot bug is a decades-old April Fool’s Day joke that’s sometimes reused to tell hackers that their efforts were predictable and blocked. “It’s almost like giving a middle finger,” Amit Serper, director of security research at Akamai, told BuzzFeed News. Akamai, like its competitor Cloudflare, runs much of the internet-enabled plumbing.
A few days later, the teapot bug was gone, and mil.ru and the websites of famous Russian banks such as Gazprombank went dark for most internet users outside of Russia. The government has important websites that are geo-fenced – which means people outside the country cannot access these sites and so cannot hack them.
“I think the Russians realize that whatever they are trying to do to other people, the same can be done to them,” says Serper. “By geolocation, you’re making it impossible for someone outside of Russia to achieve all of those goals.”
In other words, Russia had expected retaliation for its invasion of Ukraine and had been lashing out at the cyberattacks it suspected were imminent — and they did.
The day after the invasion began, Reuters reported that a prominent Ukrainian businessman worked closely with his government to assemble a team of volunteers for cyberattacks and cyber defenses. While the offense would be to conduct espionage, the self-defense forces that would ensure the safety of critical infrastructure such as Ukraine’s power plants and water treatment facilities were once targeted. Russian consumption in the past. Then, Deputy Prime Minister of Ukraine Mykhailo Fedorov called for volunteers to join the Telegram channel for Ukraine’s IT army. “There will be quests for everyone. We continue to fight on the cyber front,” said Federov.
Since then, social media accounts affiliated with hacker collectives and pro-Ukrainian Telegram groups claim that groups like Anonymous have taken some Russian websites and servers offline. However, Russia’s geofences and Russia’s own long history of spreading disinformation have made it difficult to confirm the extent to which these websites were hacked and, if so, how long before. when they are restored.
However, even if the hacker’s claims are true, security experts remain cautious about the consequences of crowdsourced attacks.