
“We have made good strong hits, and a lot of websites don’t work,” says Dmytro Budorin, the CEO of Ukrainian cybersecurity startup Hacken. When the war started, Budorin and colleagues altered one of the firm’s anti-DDoS tools, called disBalancer, so it could be used to launch DDoS attacks.
While Kaspersky’s analysis says the number of DDoS around the world has returned to normal levels as the war has progressed, the attacks are lasting for longer—hours rather than minutes. The longest lasted for more than 177 hours, over a week, its researchers found. “Attacks continue regardless of their effectiveness,” Kaspersky’s analysis says. (On March 25, the US government added Kaspersky to its list of national security threats
Budorin says DDoS has been useful for helping Ukrainians contribute to the war effort in other ways than fighting and says that both sides have improved their attacks and defense. He admits DDoS may not have a huge impact on the war, though. “It doesn’t have a lot of effects with respect to the end goal, and the end goal is to stop the war,” Budorin says.
Since Russia began its full-scale invasion, the country’s hackers have been caught trying to disrupt power systems in Ukraine
Budorin says that, beyond pivoting his company’s technology to help launch DDoS attacks, it also created a bug bounty program for people to find and report security flaws in Russian systems. More than 3,000 reports have been made, he says. He claims this includes details of leaked databases, login information, and more severe instances where code can be run remotely on Russian systems. The company validates the vulnerabilities and passes them on to Ukrainian authorities, Budorin says. “You don’t go through the main door,” he says. “You go through the regional offices. There are so many bugs, so many open windows.”