March 16th, 2022: Utilizing Cloud Technology in Russia and Ukraine

Industry: Digital Services, Education, Media, Network, Technology, Telecommunications | Level: Strategic | Source: AquaSec

Analysis from AquaSec's Team Nautilus tracked the use of cloud technologies associated with the Russia and Ukraine conflict. The review focused on public repositories including DockerHub, GitHub, NPM, GO, Python and Ruby. The DockerHub repository contained the most resources associated with the conflict, followed by GitHub, NPM, GO, Python and Ruby. Analysis from AquaSec identified "about 40% of the packages we observed were related to denial-of-service (DoS) activity aimed at disrupting the network traffic of online services. Other public repositories provided information to Ukrainian and Russian citizens or tools to block user networks from the conflict area." In regards to the DockerHub container images, those provided to assist with DDoS attacks against Russia showed steps to initiate the attack as well as a target list. A review of attacks in the wild by AquaSec, identified targets by sectors for DDoS attackers were mainly (in order) network, media, technology, digital services, telecommunications and education.'