In the first year of the full scale war waged on Ukraine by russia, our tactics focused mainly on kinetic actions against russian Internet Service Providers and Telecoms that support the russia military. This tactic resulted in 100 missions in 2022 that crashed over 50,000 routers and other types of Internet equipment, especially Voice over IP (VOIP) systems and services. We also attacked dozens of SCADA systems with some success, including in Khanty-Mansic, Glonass, Crypto and Power Plants, as well as the largest crypto mine in russia. The most important "thing" we do, I can't even mention here. Through all of these we strove to be ethical cyber warriors. We fought by the laws of war; avoiding hospitals and water supplies, and intentionally abandoning missions agaisnt critical civilian infrastructure.
The goal was to impact russian war logistics to the maximum extent possible, so that our Ukrainian troops at the front line would face a weakened and starved enemy. We worked closely with the IT Army of Ukraine (ITAU) to gain knowledge about russian infrastructure. I also created flashy media posts for each of our missions, including 10 short movies about the work that were popular on Twitter. While this was extremely helpful in bringing in donations and support which the teams needs, it was also over-informative to the enemy who was also learning from our methods. We experimented working on joint operations with other cyber groups as well.
2023 brought about many changes to our tactics and strategy as our skills and knowledge of cyber warfare grew. While our standards of avoiding critical civilian infrastructure remain firmly in place, we worked to develop tooling and skillsets that would allow us to be much more effective in our defense of Ukraine. Most visibly, we stopped creating flashy presentations and movies about our work, as while it was effective at informing the public and drawing donations critical to continuing the work, it was too informative to the enemy and risked exposing our methods and tradecraft. As such we were asked by Ukraine to not do that for most of our missions, and we agreed with them. Even so it represented a significant shift to the public on how the cyber war was being waged.
Not only did this upset the public on twitter, it draw accusations of donation-theft and grifting by russian trolls who jumped on the bandwagon to try and score points in the propaganda war. This was upsetting for us, and donations dropped off completely as a result. Despite this, the amount of work we were asked to do increased by three fold in 2023 compared to 2022, and we now much more in lock-step with Ukraine than we did before. In the first year we mostly chose our own missions, which was a problem for me because it meant a civilian was making life or death decisions about missions to do or not do, targets to destroy or abandon, with no input from any government on it. While the Twitter media made us look like our work was precisely planned by Ukraine, it was not - none of it was planned by any government. It was all about what we could get into, and what we could do. While we were the most popular then, ironically, we are far more effective today.
At the end of 2023 we are looking back at a second year in defending Ukraine against the russian genocidal war, and are happy to report that we are poised to do big things in 2024 for Ukraine. We have invested allot of time and resources on build up an unique set of tooling that enables both OneFist and IIL to conduct the cyberwar in a more automated, efficient and nimble way. I cannot share many details beyond that, other than I personally have devoted much of the year to the work and we are in deployment and alpha-testing now. I can say that it fundamentally changes the way in which we will conduct cyber war, and will be an order of magnitude better than what we had in 2022.
Most importantly is that we have built up a solid group of cyber and intelligence experts, and integrated them into a fighting force with the International Intelligence Legion (IIL). I also have to be vague here, as the work IIL does is sensative (from OSINT to HIMARs targetting). What I can say is that there is always a need for intelligence in war, and IIL excels in their work for Ukraine.
OneFist and IIL work hand-in-hand in the defense of Ukraine now, and will until the victory against Putin's genocidal war against Ukraine and Ukrainians. That has been our committment from day Putin invaded Ukraine and it remains our promise today. While we cannot post most of the work we do, we will when it is allowed and as time permits. We will post the work here on our blog so that it is immune to social media problems, and will post links on various platforms leading here.
Thank you for reading,