The hacker collective Anonymous claims to have hacked the Central Bank of Russia and is threatening to release more than 35,000 files in the next 48 hours.
Anonymous, which announced the hack via Twitter today (24 March 2022), further claimed it had obtained files with “secret agreements”, although the exact number and nature of the agreements is unclear.
The group previously declared a “cyber war” on Russia following Vladimir Putin’s illegal invasion of Ukraine on 24 February, and has already taken credit for a number of cyber attacks carried out against the Russian state.
This includes a hack of Russian state TV channels on 26 February to broadcast pro-Ukraine content, as well as distributed denial of service (DDoS) attacks on official Russian government websites, including those of the Kremlin and its Ministry of Defence.
The collective further claimed on 15 March it had conducted cyber attacks against FSB, the Russian intelligence and security service, and on the same day published leaked private correspondence it claimed to be between Putin and Russian defence minister Sergei Shoigu, which outlined plans to cut down and sell Ukrainian forests.
Anonymous has also turned its attention to private companies that continue to operate in Russia, announcing a hack of food giant Nestlé on 22 March, after which it leaked a sample of 10GB of sensitive data containing information on more than 50,000 business customers.
A day later, it tweeted out a picture with dozens of corporate logos attached to a warning for the companies that “your time is running out”.
Jamie Collier, a consultant at US cyber security firm Mandiant, told The Guardian at the end of February that Anonymous being organised as an informal collective made it difficult to attribute attacks to the group.
“It can be difficult to directly tie this activity to Anonymous, as targeted entities will likely be reluctant to publish related technical data. However, the Anonymous collective has a track record of conducting this sort of activity and it is very much in line with their capabilities,” he said.
Ukrainian deputy chairman of the State Service of Special Communications, Victor Zhora, said while he would not normally endorse Anonymous-style hacking, the war had changed the situation.
“We do not welcome any illegal activity in cyber space. We believe that every part should be responsible with their actions. But the world order changed on 24 February,” he said. “We have a martial law here in Ukraine, and I don’t think that appealing to moral principles works, since our enemy doesn’t have any principles.”
The government of Ukraine itself has also created a volunteer IT army to conduct cyber attacks against Russian targets, including businesses and government bodies.
Regarding the cyber volunteers, Zhora said no attacks on civilian computer networks were currently being carried out: “We call it a cyber resistance and we’re doing everything possible to protect our land and our cyber space. We are trying to protect our networks and to make the aggressor feel uncomfortable with their actions in cyber space and in Ukrainian land.
“These cyber warriors are not targeting civil targets, they are targeting military and government targets.”