We have seen many times that whenever a war breaks out between two parties, problems arise in many places without any apparent reason. For example, websites are being hacked, and cybercrimes are increasing in both government and non-governmental organizations.
During conflicts, there is often a significant rise in various types of cyberattacks, including DistributedDenial of Service (DDoS) attacks, ransomware campaigns, website defacement, and data theft. These attacks can cripple services, demand ransom payments, or leak sensitive data, and they typically affect critical infrastructure in both the public and private sectors. All these problems are the ones that we try to understand but cannot. Today, we will try to understand this thing.
Are all hackers or hacktivist groups state-sponsored, and how is it that not all of them can be?
Is there a clear answer to this question that not all hackers and hacktivist groups are hired by the state, or that no hacker can be hired as a freelancer? In many places, Russia allegedly hired hackers during the war between Israel and Iran, as well as the war between Russia and Ukraine. However, none of these attacks could be clearly proven, and in some instances, there was evidence that the attacks were carried out by local hacker groups whose motivations were connected to personal grievances.
The answer to this question itself contains many stories and explanations. Do hackers really hack all these servers overnight? In some cases, the answer is yes, while in others it is no. Let’s see how all these servers get hacked in just one night.
The beginning of all these activities starts with information gathering, which in cybersecurity is also called OSINT (Open Source Intelligence). It is the stage where information gathering starts, long before the actual attack.
For example, suppose you needed to obtain someone’s password somewhere, and for that, you first needed their email address, but you did not have it. Once you got the email address, you then started collecting more information about that person—such as their date of birth, how they set up their passwords, who they work with, and other related details.
Some of this information is also sold on the dark web. Many groups, including those from China, Russia, and other countries, go to the dark web and sell their collected data there.
There are no specific There are no specific way to identify whether these hackers are state sponsors or local hackers, but sometimes the techniques and the mythologies they use and the way they hack tell us whether it’s a state sponsor or not.
To observe OSINT-based techniques, the best approach is to regularly check the internet on a daily basis to see where your information might be leaking. It is also important to investigate whether someone inside your company might be responsible, or whether you have installed any software that is publishing your information or personal data on the internet.
Often, such information gets shared online when an organization installs cracked or untrusted software. Such software can secretly install ransomware or other malicious programs on your system, which then start leaking or exposing your data on the internet.
