Known on the Internet as MustLive an expert in web security Eugene Dokukin is a leading warrior on the virtual front.
In an interview conducted by Vasyl Korotkiy (UKRINFORM) Eugene spoke about the course the Ukrainian Cyber Army is pursuing, the successes the UCA has achieved and the overall cyber security situation in Ukraine.
Eugene is waging his war with the aggressor in the cyber sphere because that is where he feels ‘like a fish in water.’ He calls himself a ‘white hacker’ because unlike ‘black hackers’ he is not involved in criminal activity. In addition to ‘capturing’ more than 200 public webcams in occupied Crimea and in the Donbas Dokunin and his hacker associates have gotten personal information about thousands of separatists and terrorists and have handed the information over to the Security Service of Ukraine.
Eugene, are you still involved in computer hacking?
I am a specialist in auditing the security of sites on the Internet and in penetration testing, which is to say that I am involved in legal break-ins to analyze and assess the security of various sites. There is a huge number of hackers who break into super secure sites and steal millions of dollars. I do not do that. My approach is to work legally, to reinforce the security of sites on the Internet, although maybe I do have enough brains to do something even ‘cooler’ than what the ‘black hackers’ do.
I began auditing the security of Internet sites as a university student. Since then I have been monitoring the Ukrainian segment of the Internet network plus separately I review the sites in the gov.ua domain.
The group, ‘Ukrainian Cyber Army’ has been active since the beginning of June. You have no idea how time consuming all of this is. I am busy twenty-four/seven countering Russian aggression in the cyber sphere.
I am actually the one who occupies the position of ‘general staff’ because I plan operations, I assign duties to individual ‘combat units’ and I train members of the staff.
How big is your army?
That information is confidential, plus the number changes all the time. Of the full-time, active warriors, who are able to devote all their time to the Cyber Army – not too many. And I’m not even talking about actual hacking. There are not that many real hackers who are capable of doing ‘really cool stuff.’ Who they are and what they’re doing and how many of them there are is information that is not shared. Selecting members for a team and training them is very time-consuming and labor intensive. It sometimes happens that those who are willing and ready to work with us do not even have basic computer skills.
Do you remember when the first cyber battle took place?
For me personally March 1, 2014 marks the beginning of the war, the day the Council of the Russian Federation gave President Putin authorization to invade Ukraine. It was in March that I took the illegal referendum off the Verkhovna Rada of Crimea site by posting an appropriate message on the site. Several days later I ‘dismissed’ Aksionov and Konstantinov. My act did not get much publicity because the Ukrainian mass media pretty much ignored it. Actually, my act cannot really be considered as full-blown hacking. The site had a ‘hole’ in it, I took advantage of it, performed a ‘deface’ and proceeded to post my text. Which is to say that I provided a free service for the administrator of the site by conducting a free security audit. After Crimea became fully occupied, the hole was closed. The Russians took care of it. Their web security in regard to state sites is far better than ours is. Although I have to say that certain ‘elusive avengers’ within the Cyber Army were able to hack content and some of the law enforcement agencies of the Russian Federation, but I will not go into detail on this.
So that to become a warrior on the virtual front training is required?
Not necessarily. Ukrainian cyber forces are involved in courses of action that do not require training on a hacker level. All that’s required is a competency in the use of a PC. For example, we have a sector in ‘sound and video detection.’ Without revealing any details I will only say that by and large it is essential to have someone here to watch and listen and to be able to record a conversation or a video or to take a screenshot.
To block those electronic accounts that are used to finance the activities of the ‘DNR’ or the ‘LNR’ all that’s needed is for a complaint to be filed with the payment system and to provide the relevant evidence. Ukrainians living abroad especially help us in this because for them it is much easier to reach the central office of PayPal.
What kind of financial losses have the terrorists suffered thanks to you?
I have to say that closing an account is a long, drawn out process, but, like they say, ‘water reshapes stone.’ As a consequence of our work approximately a hundred ‘money bags’ have been squeezed shut and several bank accounts that had been used to bankroll militants in the Donbas have been cancelled. The amount in those accounts was well over 2 million USD.
The same applies to closing down the accounts the militants have in social media – we write complaints and ask that the account be blocked. We give different reasons for this. Though the Russian sites VKontakte and Odnoklassnyky generally simply ignore our complaints. Facebook will sometimes block a particular account but they might unblock it later. Twitter is better in that sense, they accept our complaints, rarely write back to us, but they block accounts more frequently.
We did win a few cyber battles through YouTube. Thanks to our efforts a number of videos and even channels have been removed. Lifenews, the Kremlin propaganda mouthpiece was partially blocked and the Sharia channel was completely blocked – I’m sure you’re familiar with that formerly Ukrainian journalist who is now working for the Russians.
Are the cyber warriors involved in cyber battles in the realm of information?
Yes, particularly on the pages of the Russian version of Wikipedia. One does not have to be a hacker to edit pages from Wikipedia. Why is Wikipedia a target? More than once we came across events in Ukraine being portrayed through the lens of Russian propaganda. We are helping to shed some light on what Russia is doing in and to Ukraine. I believe we are responsible for making more than half of the corrections in the posted articles. Although sometimes it becomes a kind of ping-pong game: we make corrections and then the Russian sector of the security service in charge of monitoring Wikipedia articles changes our corrections back to what they were, then we hit back, then they hit back and this can go on forever. The article about the Malaysian Boeing aircraft tragedy in Donetsk Oblast is particularly telling.
Are your activities legal within the current legislation?
You mean to say are we breaking any laws? Has Russia violated international law by occupying parts of our territory? Have the militants of the ‘DNR’ and the ‘LNR’ that have been labeled terrorist organizations by the Office of the Prosecutor General of Ukraine violated Ukrainian laws? Keeping the above in mind let us consider this question together – whether our counteractions in the virtual world are illegal.
What do you do with the material you obtain in the virtual war?
I pass all the information, the hacked content, the audio and video evidence, to the government security service. I did submit all of it to other agencies, as well, but I never got any feedback. But then the government security service doesn’t seem to be too interested, either, their response has been rather mild. Sometimes I feel like I am doing useless work.
According to me, counteraction to Russian aggression must be conducted on all fronts, including on the cyber front. You could say that I am a volunteer warrior of the cyber front. Every day the Cyber Army does substantial work to counter Russian aggression and propaganda.
Are you being compensated for your work?
I live off of the income I receive for auditing the security of web sites on the Internet. The insignificant costs we have in operating our cyber war are covered out of pocket by our members. We haven’t received a penny from anyone. If we did have funding, I would be able to do so much more!
According to you how well protected are government websites from being externally penetrated?
As I see it cyber protection and cyber security are not taken seriously by the government. The overall security of government websites is entrusted to the State Service for Special Communications and Information Protection, especially to its specialized unit, the CERT-UA. It’s true that to have complete protection from DDOS attacks is complicated because someone’s losses will be greater than what was spent on protection. But take a look at my statistics from the years 2001 through 2014 and you will see the number of government sites that had been broken into or infected. And actually, it’s not so much about the amount of funding the government allocates as it is in how well and efficiently the money is being put to use. And we must prioritize and build an effective cyber security system.
Within the Ministry of the Interior and the Security Service of Ukraine there are departments that deal with this issue, though, aren’t there?
In my opinion our security agencies have limited capabilities when it comes to cyber security, and even more so if there were a cyber attack. Cyber wars are a reality in today’s world, not to mention in the future. So adequate programs have to be developed, strategies for growth, innovation and advancement in cyber security need to be in place with an appropriate level of funding. For Ukraine, with its huge supply of IT experts it is criminal not to invest in cyber security.
At this point Russia is not conducting a real cyber war against Ukraine. What they’re doing in the cyber sphere I would consider part of their hybrid warfare. That does not mean, though, that we should not prepare for real cyber warfare.
When the Cyber Army was first being formed I stressed that its purpose was to conduct offensive cyber attacks as well as to perform defensive operations in cyberspace against those who attack Ukraine.
With this project of mine I wanted to demonstrate to the government that this can and should be done. The next step is to create an actual cyber army of real professionals and ‘cool’ hackers, a unit that would be capable of conducting serious operations against an aggressor.