How one Ukrainian ethical hacker is training 'cyber warriors' in the fight against Russia
In the Ukrainian hacker community, Nikita Knysh is a household name. The 31-year-old former employee of Ukraine’s Security Service (SBU) founded cybersecurity consulting company HackControl in 2017 and launched a YouTube channel about internet security and digital literacy. It has about 8,000 subscribers.
When the war broke out in Ukraine, Knysh took up a weapon — his computer — and began fighting back against Russia in cyberspace. He wasn’t alone: thousands of volunteers were ready to try to hack Russia while its troops were destroying Ukrainian cities and killing people on the ground.
“I realized that we should take control of the situation,” Knysh told The Record. “Our government didn’t have a ‘cyber army’, so we built it ourselves.”
To teach Ukrainians the basics of digital guerrilla war, Knysh launched a website called “HackYourMom Academy,” a guide to hacking. The website is free to use and is available in Ukrainian, Russian and English.
Some lessons are simple: how to install an antivirus program, connect to a VPN, or use a virtual machine. Others are more advanced, such as how to conduct distributed denial-of-service (DDoS) attacks or hack Russian cameras and WiFi routers.
The platform is most popular among tech-savvy Ukrainian students, according to Knysh. Unlike an outdated, theory-based university curriculum, HackYourMom encourages them to put their knowledge into practice.
Knysh doesn’t disclose how many people use his platform or what attacks they are responsible for — attributions in the hacking world can be dangerous. But the nearly 10,000 followers of the HackYourMom Telegram channel gives some indication of its reach.
With this project, Knysh wants to fill a gap in cybersecurity education that, in his opinion, the government has failed to address. Only 19 out of nearly 250 Ukrainian universities teach cybersecurity programs. And even those specialists who have the knowledge prefer to outsource their skills abroad rather than work for local companies in low-paying government jobs.
Global demand for cybersecurity specialists has increased by more than 40% in the past year, driven by businesses reacting to ransomware attacks and phishing campaigns. To expand the talent pool and train more young workers, cybersecurity activists are creating their own courses and training programs, including HackYourMom.
Ethical side of hacking
Days after Russia’s full-scale invasion, Ukrainian hacktivists flocked to Telegram — one of the country’s most popular messaging apps — to discuss how to access Russian cyberspace. Their main goals were to tell Russians the truth about the war in Ukraine and, at the same time, “to make life in Russia very uncomfortable,” Knysh said.
The most famous group of hacktivists — IT Army — now has almost 250,000 followers on Telegram. One of its favorite tools are DDoS attacks, which flood Russian websites with junk traffic to knock them offline.
International experts are concerned about the potential consequences of these attacks. In a 32-page paper, Stefan Soesanto, a senior researcher with the Zurich-based think tank Center for Security Studies, said that the IT Army violates “the existing legal frameworks” for state behavior in cyberspace. Soesanto refuses to treat IT Army as “random volunteers” and argues that it largely consists of Ukrainian defense and intelligence services — a claim that the Ukrainian government and cybersecurity specialists have repeatedly denied.
Knysh said that Ukraine has the right to attack Russia in cyberspace in response to its military actions. “Not attacking your enemy in cyberspace is stupid,” he said. “In the past, soldiers destroyed logistics and production facilities, but now they also attack technology and information,” he added.
Moreover, the Russians actively respond to these attacks, and Knysh's website itself is a frequent target. On July 5, for instance, it suffered a DDoS attack that generated 69 million requests within 24 hours.
HackYourMom has an entire section dedicated to cyber warfare. For example, it explains how students can learn how to find Russian soldiers responsible for atrocities in Ukraine on the internet with the help of open-source intelligence (OSINT) or how to install software for DDoS attacks.
“We don't encourage people to attack — we give them the tools. They decide themselves what to do with them,” Knysh said.
For years, Ukraine has been a "testing ground" for Russian hackers. Now Russia is a "playground" for hackers who support Ukraine, Knysh said. “Everyone has as much fun [fighting Russia online] as they can,” he added.
Now is a unique time when Ukrainian hacktivists can join so-called red teams that break into defenses. “When they have learned to attack, it will be easier for them to learn to defend better in the future,” Knysh said.
Perfect hacker
Like many specialists in this field, Knysh learned the basics of hacking by creating cheats for video games. He graduated from university in the eastern Ukrainian city of Kharkiv in 2013 with a degree in radio engineering, and in 2014, when Russia first invaded Ukraine, he joined the SBU to protect the country’s information security.
Knysh specializes in web server security and cyber forensic investigations. “People think that being a hacker means hacking everything, but this is not true. There are different specializations,” he said.
Name | Price for exam |
Certified Information Systems Security Professional (CISSP) | $749 |
Certified Information Systems Auditor (CISA) | $575 for members, $760 for non-members |
Certified Information Security Manager (CISM) | $575 for members, $760 for non-members |
CompTIA Security+ | $370 |
Certified Ethical Hacker (CEH) | $950 to $1,199, depending on testing location |
GIAC Security Essentials Certification (GSEC) | $2,499 (includes two practice tests) |
Systems Security Certified Practitioner (SSCP) | $249 |
CompTIA Advanced Security Practitioner (CASP+) | $466 |
GIAC Certified Incident Handler (GCIH) | $2,499 (includes two practice tests) |
Offensive Security Certified Professional (OSCP) | from $999 |
Depending on their expertise and interests, a cybersecurity specialist should receive a certificate, which ensures that hackers not only understand the technology but also know the ethics of the work. Knysh devoted an entire section on HackYourMom to explaining the types of certificates for cyber specialists in various fields.
What else should a professional starting a career in the field of cybersecurity know? HackYourMom has the following requirements: to understand how Windows and Linux operating systems work; to have minimal knowledge of cyber literacy and privacy; to have the necessary software: antivirus program, VPN, anonymous web browser, and a virtual machine.
"I believe in practical education," Knysh said. "Our users learn how to hack CCTV cameras and Wi-Fi routers to help Ukraine win."
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.