Australian hackers who take the fight to Russia from home soil could find themselves in legal jeopardy.
Global hackers collective Anonymous swiftly declared cyber war on Moscow last month when Vladimir Putin invaded Ukraine.
And the so called hacktivists have claimed some successes not just against the Kremlin but also the Russian defence department and space agency.
Common methods include defacing websites, accessing and stealing information or forcing target sites and networks into shutdown by flooding them with data.
Under Australian law, however, such hacking and denial of service attacks are offences.
Drafted to crack down on the most vile cyber criminals, including those sharing child exploitation material and using computers and networks for fraud, money laundering and identity theft, the statutes also cover hackers.
There are specific commonwealth “computer offences” relating to hacking data and interfering in electronic communications.
“People undertaking cybercrime activities from Australia, such as hacking against a foreign government entity, may be committing an offence,” a Home Affairs spokesperson told AAP.
The maximum penalty for unauthorised access to, or modification of, restricted data is two years’ imprisonment, while unauthorised impairment of electronic communication could earn 10 years in jail.
Ukraine wanted a blackout for Russia from core parts of the internet.
But after an official request, the global body in charge of the domain name system, the Internet Corporation for Assigned Names and Numbers, has refused to act against Russian websites.
Responding to Ukraine Vice Prime Minister Mykhailo Fedorov, ICANN says its mission does not extend to punitive action, issuing sanctions or restricting access – regardless of the provocation.
Instead, it has allocated an initial $A1.4 million to support internet access for users within Ukraine.
Board Chair Maarten Botterman says ICANN stands for a single, global and neutral Internet that serves all in exercising fundamental human rights, including to seek, receive and impart information and ideas.
“This is especially critical when timely access to information and communication may be life saving,” he says.
Global giant Google says its protection service Project Shield is being used by more than 150 Ukrainian websites to prevent Russian attacks.
The military – in the West and Russia – have their own closed version of the internet and vital infrastructure, so closing parts of the public web would not necessarily impede operations.
But a blackout could curtail access to valuable open-source intelligence, or OSINT, that is vital to all sides.
Images and data are being shared across social media, on encrypted messaging services or anonymously via the Tor browser that hides digital footprints.
“A growing number of people in Russia and Ukraine are using Tor to communicate, access news and get around censorship,” according to prominent hacker Runa Sandvik.
A network measurement analysis shows fresh blocks have been imposed in Russia since the February 24 Ukraine invasion.
Russian Internet Service Providers started throttling access to Twitter within days of the incursion and moved to block access to Twitter and Facebook on March 4, analysts Maria Xynou and Arturo Filasto found.
Their report, issued by the global Open Observatory of Network Interference, shows international news websites, as well 200rf.com about captured and killed Russian soldiers in Ukraine, have been blocked as Russian censorship efforts ramp up.
Multiple blocking technologies are being employed at the same time, making it harder to circumvent, they said.
Russia also introduced higher penalties – including up to 15 years’ jail – for disseminating false information about its military operations, discrediting its armed forces and supporting calls for anti-Russian sanctions.
In Australia, Foreign Minister Marise Payne has announced sanctions on Moscow’s “propagandists and purveyors of disinformation”.
“Tragically for Russia, President Putin has shut down independent voices and locked everyday Russians into a world characterised by lies and disinformation,” she said.
Payne says this is aimed at legitimatising Russia’s unprovoked, unjustified invasion with false narratives such as the “de-Nazification” of Ukraine.
The Australian government is also working with Facebook, Twitter and Google to stop disinformation by Russian state media within Australia.
SBS and Foxtel have already announced the suspension of Russia Today and NTV broadcasting.
Online streaming services Netflix and YouTube have also moved to drop Russian state channels. And
Anonymous has also claimed some success.
“The hacking collective #Anonymous hacked into the Russian streaming services Wink and Ivi (like Netflix) and live TV channels Russia 24, Channel One, Moscow 24 to broadcast war footage from Ukraine,” @YourAnonNews tweeted.
Marine tracking data was altered to rename Mr Putin’s yacht “FCKPTN” on digital displays.
Some 200 gigabytes worth of emails was reportedly stolen from Belarusian weapons manufacturer Tetraedr and released by hacktivists.
Ukraine itself is amassing a volunteer “IT Army” of civilian hackers from around the world to join the fight on a digital battleground alongside regular conscription, tech publication Wired reported.
Meanwhile researchers at private cyber security firm Proofpoint say they have identified a Chinese state-aligned hacking group targeting diplomats in Europe with malware emails.
Most recently, the account of a European NATO country diplomat working in migrant and refugee services was compromised and used to target other diplomatic offices.
The emails featured malicious links and decoy documents relating to border movements of Ukrainian refugees, with the aim of delivering malware called PlugX.
The threat actor identified as Red Delta is known to be aligned with China and the tempo of attacks has increased sharply since Russian troops began massing on the border.
Defence Minister Peter Dutton says he’s seeing reports Chinese telco giant Huawei is providing support to Russia to keep its Internet running to sustain the attacks from hackers around the world on infrastructure and naval and military assets of Russia.
Mr Dutton says he finds this “deeply concerning”.
“Every other responsible country in the world is looking at ways they can sanction and stop trading with Russia to keep the pressure up on President Putin to stop these horrific acts of war crimes that we’re seeing committed by Russia at the moment,” he says.
But he’s not going as far as backing a private citizen’s army of hackers.
Nor will he disclose whether Australia has unleashed its offensive cyber capabilities or intends to.