How are the Ukrainian Cyber-Troops organized: an interview with the “white hacker” Yevgeny Dokukin

Author Dzyuba Evgenia ,IntervieweREvgeny Dokunin
In the spring of this year on the Internet there was a grouping that calls itself cyber troops. Yevgeny Dokukin, the organizer of this movement, on his Facebook page encourages volunteers to join special operations of cyber intelligence to counter Russian propaganda and terrorist actions, for which he received the nickname “white hacker”.

In the spring of this year on the Internet there was a grouping that calls itself cyber troops. Yevgeny Dokukin, the organizer of this movement, on his Facebook page encourages volunteers to join special operations of cyber intelligence to counter Russian propaganda and terrorist actions, for which he received the nickname “white hacker”.

How many people are there in VHF at the moment?

About two or three thousand. In August, for example, there was a period when UVK numbered about three thousand people. The inconstant composition of the “troops” is conditioned by the fact that all participants do this work on volunteer terms – therefore, someone leaves, but new volunteers come to take their place.
SBU appeals to you for help or do you often contact SBU staff with information about vulnerabilities that you have identified?

I very often draw the attention of SBU officers to threats that they can prevent or appeal because they could make the necessary actions faster. It’s no secret that the bureaucracy becomes the most important “stumbling block” in solving all issues. Sometimes, however, rarely, privately, private appeals are received from individual members of the Security Service, but I can not disclose details.
What are the achievements of VHF at the moment?

For DDoS-attacks provides for criminal liability for Article 363-1 of the Criminal Code. Do you personally “break” or instruct them to volunteers of cyber troops?

I myself do not do DDOS-attacks – this is what other people are doing. The websites of terrorists are blocked daily due to this work. Knowing that in any case I fall under Article 363 – either as a performer or as an organizer, I prefer not to talk about this area of ​​VHF activities and that I have to do with it.
Your possible actions, if under the guise of a volunteer, you are in the ranks of the UVK, the spy has infiltrated?

With all the participants of the Ukrainian cyber-troops, we do not cross into the off-line. I only talk to the SBU in electronic form. If someone asks for a meeting – I carefully double-check a person and if potentially he can be a spy – I refuse to meet.
If the volunteer wants to help you conduct a DDoS, but is afraid of bringing to criminal responsibility – can you provide some “guarantees” to people, referring to cooperation with the SBU?

I can not provide any guarantees to anyone, but I am a responsible person and I can definitely say that I will not “surrender” those who, for example, took up the DDOS-direction.

We work in more than 15 areas. I can say that for one of our site blocking operations, which is called “Blocked Virodki”, over the summer we blocked about 30 sites – we managed to achieve their closure through complaints to the hosters.
SBU tells you “thank you” for your help?

“Thank you”, as a rule, speak more often, instead of specific actions on its part in the field of security on the Internet.

How did the idea of ​​the establishment of the Ukrainian Cyber ​​Troops come about?

For almost 10 years now I have been working with the topic of security and are engaged in auditing cyberspace. The idea to organize VHF appeared when the situation in the Crimea in March this year began to rapidly sharpen. Then I decided to act and “sent” Aksenova resignation on the official website of the Crimean Parliament. For this, I specifically used a vulnerability that does not apply to Article No. 363-1 of the Criminal Code. Back in March, I tried to attract people in order to block the accounts of terrorists, but then no one responded. I did not wait and wrote to “Web Money” and “Yandex Money” with a request to block specific accounts that belonged to terrorists – in two days these accounts were blocked. So I began to deal with the influence myself. Statuses on the work done I published on my site and Facebook page and, gradually, people began to “pull up”. Now to all participants of cyberwar, I propose a list of operations that require urgent action – they can choose a convenient way to interact with VHF.

If the SBU asks you to name the names of these “volunteers”?

So far, except for journalists, no one has asked for this. I suppose that law enforcement agencies can always “find fault” in such activities, but I think that if they want to know, they will not ask me.
What do you do for a living? Commercial structures turn to you with requests to make a DDoS attack on competitors?

For businesses, I conduct security audits, but no one asks for DDoS. I have always earned as a security audit consultant for sites. I started with the development of sites, but, then, gradually, I went into the security audit. Now, 24 hours a day, I occupy only cyber-wars.

“VHF coordination absorbs all my time, even when I’m asleep – there are special programs running on the network, so, all the same, the work is continuously ongoing.”

At the moment, I earn a living on advertising in the Internet – this is enough for me.
How can you describe the state of Ukrainian cyber space?

Before the establishment of the UVK, since 2006, I have found a lot of vulnerabilities on the websites of government agencies and reported this to relevant departments. Many state institutions, for example, the Cabinet, ignored, however, I must say that when I informed the SBU about the vulnerabilities found on their site, they tried to react quickly.
How will VHF develop further? Do you expect support from the state?

Ukraine needs reorganization of special services. I believe that cyber warfare should be formed as a separate unit at the state level, with the involvement of investments in this sphere. Theft of budgets and criminal inactivity must be eradicated in state structures that deal with security.


About chainsoff.

Intelligence Media Service, Monitors and Analyzes Extremists’ activities, including and not limited to: The Muslim Brotherhood, Kurdish Terrorism, Syrian Politics, Jabhet Al-Nusra, Hezbollah, Cyber Crime, and Taliban activities in Syria. Well known for her deep knowledge on Terrorism. Open Source Exploitation expert in the discovery, collection, and assessment of foreign-based publicly available information, also known as Open Source Intelligence (OSINT), HIMNT
This entry was posted in Uncategorized and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s