White hackers in Ukraine: breaking the sites of the banks to block the accounts of militants and fighting the propaganda network

Hackers break into computers just like thieves to our homes. That’s just to calculate them is much harder, because they almost never leave traces. Even worse, that they can live in your computer for months, and you do not even will know. Hackers can steal pictures from your smartphone to steal money from debit card to track you via a web camera or listening through a microphone. Moreover, after prolonged training and the availability of funds to the hacker, even to shoot down the plane or blow up the satellite! But do not put the mark of the pest on all hackers, because they are not only black, but white and even gray. White hacker (from the English. White hat — white hat) is a specialist in cyber security. Unlike black hackers, white looking for vulnerabilities on a voluntary basis or for a fee, to help developers make their product more secure. And grey — those who are in General good, but sometimes it crossed the line of the law.

“Today” met with the famous Ukrainian white hackers and experts in cybersecurity and learned how they work.


33-year-old capital of the programmer Evgeny Dokukin Ukrainians know as “white hacker” and the main “cyber warriors” of the country. “To resist Russian aggression, I started in March 2014, — says Eugene. — At first he worked alone, and in June created the organization “Ukrainian Cyber army,” which still exists. We block the accounts of militants in the electronic payment system (has 420 accounts), blocking information resources of terrorists (now 171) can break open their email and websites (got 1TB of data), and listening to recorded Webcams of military equipment and the headquarters of the militants in the Donbas and in the Crimea.”

AS BEGAN. The first computer my parents gave my Wife for 11 years. “Then I decided to connect my life with computers, he says. — First was engaged in creation of websites, then web security. Since combine programming and security — create a security web application. Over 12 years of experience in this field understand that security people care about in the least. They often develop a pretty site and for safety — do not want. And if the private sector (banks, web brokers and convenience stores) at least a little invested in security, then the state is almost there. In addition, almost all the developers are doing a leaky sites, as a normal administrator not interested in web security. This area really never taught. I always find the “hole” on the sites of Ukrainian banks and government agencies and tell them about them. As a rule, even thank you says no! And in 2007 I made a “Presidential party” — found vulnerability on the websites of the presidents of Russia, Belarus, Slovakia and the USA. Wrote to them. As a result of the US administration and I thanked Belarus and Russia, and Slovakia did not answer, but over time the “holes” fixed”.

One of the ways of earning “white hackers” — bug-hunting. “This is a special program for the promotion of the search for vulnerabilities for which monetary compensation is paid, — says Eugene. — In Ukraine since 2012 this works for a large Bank. Another way — pentest: legal hacking — when you order, not only to find vulnerabilities but also to penetrate, that is, to hack the website. Of course, I also have not once tried to break in. To secure your Facebook profile in addition to strong password with SMS code I am also using the English interface. This ensures that all queries and complaints to my address deals with the English service Facebook, not Russian. Every day I get e-mails with requests to hack someone’s account: the mistress want to check if they lie to men, men are trying to define does not change whether his wife. But it is a crime, and I don’t do that. Profile of his girl too, I never hacked, I trust.”

Alex Komar
the President of “International center for combating cybercrime” (ICCC)

Due to the lack of clear legislative regulation of public-private partnerships in information security, any “white hacker” automatically falls into the “gray area”, — says Alexey Komar. — Besides it is not necessary to dissemble: most of the so-called white hackers pursue purely commercial goals. For example, the need for hacking into a website of money. Another thing is that the state does not use the potential of our IT specialists and idle in the field of cybersecurity. Hacking hackers the website of the Council of national security and defence, which was two weeks ago — another proof. I understand that breaking into even the website of the CIA, but the regularity with which “flip” the sites of our government agencies is staggering! According to CERT-UA (response team computer emergency events in Ukraine. — Ed.) about 40% of the IP addresses of the Ukrainian government agencies infected with viruses and used by cyber criminals to send spam. Hacking attacks not only hurt the network equipment is often leaking and even the suspension of the institutions. For example, last year for hacking the company “Prykarpattyaoblenergo” was de-energized part of the Ivano-Frankivsk region. In this sense, the allocation by Parliament this year of 150 million UAH for the modernization and development of cyber security more like resuscitation than on treatment. This also applies to the increase in salaries ciberpolitica. Since last year, the salary of an IT inspector is provided at the level of 8-10 thousand UAH. Now consider what a specialist will go for the money, if in an IT company he would be earning even a coder, not less than $1000? Our government should realize that cyber attacks is not the trolls in the comments, and serious threats to national security. As shown last year when he hacked into the computers of the US Democratic party, the threat of a geopolitical nature. Ukraine “yesterday” it was necessary to consider the experience of our geosource, for example, the United States, to develop and implement national standards in the field of national cyber security and make the appropriate changes to the legislation in terms of the use of hacking to work in the interests of national security. Replace imprisonment and a criminal record on a hard legal contract.


Hacks “the good” has turned even in sports. Annually the “white” hackers from around the world participate in CTF (from the English. Capture the Flag “capture the flag”) is a special kind of contest in information security (is). There are international rankings of teams most prestigious of which CTFtime in 2016, led the Ukrainian team dcua. The Ukrainians are ahead of 12 teams and were the best in the world in the field of cybersecurity! And the previous 4 years, the guys consistently in the top 10 in the world.

GAME FOR HACKING. “dcua exists on the basis of the Kiev Polytechnic Institute. Sikorski in 2012, says team captain Nikolai Ilyin — as one of the projects of the Ukrainian group DefCon-UA (community specialists in the sphere of information security associated with well-known international conference DefCon — Ed.). CTF have important educational purpose of promoting knowledge in the field of technical information security and generally enhance the prestige of the specialty. The idea of the competition — the solution of practical problems, such as vulnerability scanning, web resources, forensic analysis of incidents, analysis of public data sources, and more. Most of these attacks are often those that are used by hackers in real life. Due to such contests and “white” hackers to gain experience in offensive security and learn how to protect the system. The participation in the CTF is fully legal, is almost always free of charge and without restrictions.

In Ukraine there are about ten teams — they have participated in at least one of the rating competition. There are those that call themselves “white” hackers, but never manifested. In the world of such commands about 16 thousand”.

THE TRAIL OF THE HACKER. To find career of the attacker very difficult. “It all depends on his qualification and the method that he uses, explains Nicholas. — One incident or indicator to calculate its origin is unlikely. For example, if the time zone of the hacker’s work coincides with the Russian time — some think he’s from Russia. In fact, it can be the whole time zone of Moscow — even, for example, Abu Dhabi (UAE), which is just an early riser. But if a hacker — a civil servant, the time zone may indeed to give it: attack it daily starting at 10:00 and continues until 18:00”.

“A hacker can execute commands to steal or tamper with data, keep track of correspondence, etc., — says member of the team dcua Mykola Ovcharuk. The activity of a hacker can be observed by using so-called sniffer program to intercept traffic. Despite this discovery can take a long time — months. If the company deployed a monitoring system security, and he managed to crack, it can remain undetected in the system and up to 8-10 months. There are systems that are traditionally poorly covered by the security services — while fixing, for example, in the router, the attacker can sit for years, does not betray himself”.

Self-DEFENSE. “The elementary means of protection for your PC the most effective — the inclusion of periodic updates of the operating system. Also watch out for phishing (a form of Internet fraud with the aim of gaining access to usernames and passwords. — Ed.). Often begins with the receipt to the post office mail, perhaps even from a friend or colleague. Be careful, don’t click on all links or open attachments from all emails. This is one of the most popular attack vectors. By the way, that since last year, has been hacked sites of the state Treasury, the Ministry of energy and Prykarpattyaoblenergo”.
The guys told me that of all the films about hackers are the closest to reality is only a TV series “Mr. Robot”, where even shown attacks that are actually. By the way, women among the “white” hackers meet too.

Team whitehat hacking dcua. On CTF Mykola Ovcharuk (left) is responsible for the protection of the services, and captain Nikolai Ilyin — security analysis

Sergey Demediuk
Head of the Department of police of National police of Ukraine

The hacking of websites and have always been. Just about it before or didn’t know, or deliberately suppressed, in order not to worsen my reputation. Today speak about it very much because of the impression that the number of DDoS attacks has increased dramatically. The cyber-police are trying to cooperate with all who can benefit in the investigation and prevention of crimes in the Internet space. With the “white hackers” are cooperating very closely, even invited them into their ranks. In their activities there is nothing bad, as long as they do not violate the law. But, unfortunately, not many professionals working today in government agencies in the field of cybersecurity: a good sysadmin would not work for the salary of a civil servant, because hiring them periodically. Although there are real aces who help us on the ground of patriotism. Ideally it would be nice if state agencies could offer them a salary at the level of the commercial sector, but it is $2-5 thousand