When Russia swiftly invaded Ukraine using heavy weapons, a group of Ukrainian hackers who were attempting to bring down www.mil.ru encountered an unexpected obstacle. They received an error message stating that the server is unable to fulfill the request because it is a teapot, also known as a 418 error.
The teapot error, originally a prank, is sometimes used to inform potential hackers that their efforts have been anticipated and blocked. According to Amit Serper, Director of Security Research at Akamai, it’s like giving a middle finger to the hackers. Akamai, along with Cloudflare, provides a significant amount of internet infrastructure.
A few days later, the teapot error disappeared, and mil.ru, along with prominent Russian banks like Gazprombank, became inaccessible to most internet users outside of Russia. The Russian government had implemented geofences around critical websites, preventing access from outside the country and safeguarding them from hacking attempts.
“I believe the Russians realized that whatever they were attempting against others could be done to them as well,” noted Serper. “By implementing geofences, you make it impossible for someone outside of Russia to target all those entities.”
In response to the invasion, a prominent Ukrainian entrepreneur worked with the government to recruit volunteers for both offensive and defensive cyber operations. The offensive team would engage in espionage activities, while the defensive team would protect critical infrastructure like power plants and water treatment facilities, which had been previously targeted by Russia. Ukrainian Vice Prime Minister, Mykhailo Fedorov, announced the formation of the IT Army of Ukraine and called for volunteers to join a Telegram channel, stating, “There will be tasks for everyone. We continue to fight on the cyber front.”
Since then, several hacker groups and pro-Ukraine Telegram communities on social media have claimed responsibility for disabling Russian websites and servers. However, due to the Russian geofence and the country’s history of disinformation, it is difficult to verify the extent of these hacks and how long the websites remained compromised, if they were indeed compromised.
Despite any potential success claimed by hackers, security experts remain cautious about the consequences of crowdsourced attacks.
GIPHY App Key not set. Please check settings