Cyber Conflict in the Russia-Ukraine War

  • March 2, 2022
  • By Cyberarch Admin

After months of brewing tension between the two countries Russia and Ukraine around the border issue, the crisis took a dramatic turn on February 24, 2022. Russian President Vladimir Putin declared a military operation against Ukraine. The Russian military has since launched a devastating attack on the Ukrainian territory by land, sea and air. However, it is important to note that wars are no more fought on the physical field alone but digitally too via relentless and sophisticated cyber attacks. 

According to experts, these invisible attacks have already been unleashed on Ukraine multiple times in the past few months. And on a broader note, the implications of cyber warfare will be possibly felt beyond the region, affecting a myriad number of countries worldwide. 

Cyberattacks on Ukraine

In the past two months, a large number of websites in Ukraine have been attacked by cybercriminals, albeit on a small scale. But in the last few days, high profile Ukrainian websites related to the Ministry of Foreign Affairs, Ukrainian Parliament, different government departments, important cabinet ministers have been ferociously attacked by Russia, according to the latest reports. The largest Ukrainian private bank was also hacked. 

Cyber experts have found highly powerful and massive Denial of Service DDoS cyber-attacks on Ukrainian websites. NetBlocks, the internet observatory group has confirmed the same. The ESET Research group has found a new data wiper malware that is being used in this cyber attack. The team also believes that the cyber attack has been in preparation for more than two months. 

Ukraine, it seems, was well-prepared for the imminent cyberattacks on its websites. These attacks were carefully handled with the help of the Cyber Rapid Response Team – CRRT, which is formed by six countries Lithuania, Croatia, Poland, Estonia, Romania, and the Netherlands. Ukraine has also received cybersecurity support from various countries such as Australia and the US. 


Wiper Malware

The new wiper malware, as the name suggests, deletes or wipes out all the data from the infected system. Technically nown as Trojan.Killdisk malware among the cybersecurity community, one of the major highlights of wiper malware is that the lost data cannot be recovered by any means. It has already affected different sectors like IT, defence, aviation and financial organizations. 

The malware is composed in the form of an executable file, which is shown to have a certificate from Hermetic Digital Ltd. Depending on the operating system; the malware drops the related file. As soon as a user runs the file, it will damage the Master boot record and will make it useless. Equipped with destructive abilities, it is aimed to completely eliminate data. 


Global Cybersecurity Risks

  • State Sponsored Cyber attacks: History

Historically, state-sponsored cyber attacks grow exponentially whenever there is simmering tension between two countries.  Cyber warfare is fast becoming an integral part of military operations worldwide. In 2014, when Russian forces invaded Crimea, the cyber intelligence and operations already shut down the telecommunication infrastructure in Crimea. Thus, cyber power played a crucial role in Russia’s offensive against Crimea.

It is not the first time Ukraine has experienced high-level cyber-attacks. Two regional power outages affected Ukraine in 2015 and 2016, and according to the US, the Russian attackers were behind the incident. Another event, popularly known as NotPetya Malware Attack, happened in June 2017, which affected government sectors, the financial market and the energy sector of Ukraine, leading to huge financial losses. 

  •  Native Countries

As Russia continues to launch cyberattacks on Ukraine, native countries as well the western countries are worried that the crisis could spill over, leading to global cyber war. Already, the wiper malware affected financial institutions and organizations in Latvia and Lithuania. Nearby countries like Estonia has also warned the European nations to be aware of and prepare for cybersecurity challenges in the immediate future. European Central Bank (ECB) has also warned European financial institutions of cyber-attacks from Russia. 

  • US & UK

Officials from countries like the US and the UK have already warned of the emergence of more cyber threats on their respective networks. Cybersecurity and Infrastructure Security Agency has alerted those companies that serve the US army to be careful of cyber break-in attempts. The U.S. Cybersecurity and Infrastructure Security Agency have already given warnings. UK’s National Cyber Security Centre has given a clear warning to organisations to improve their cybersecurity capabilities. Various businesses, depending on Ukraine’s IT services, will be deeply impacted. Experts have already warned of collateral damage on supply chains. 

Global Cyber-war Possibilities

On February 28, Monday, a hacker group by the name Belarus Cyber Partisans claimed to have disrupted rail service in Belarus, frustrating the Russian military and   preventing troop movements and their attacks. Ukraine is certainly upgrading its cyber defense by recruiting volunteers and building an IT army. The hacker collective by the name Anonymous has brought down many Russian government websites and news sources through DDoS attacks. Meanwhile, pro-Russian cyber criminals with ransomware expertise are preparing to attack back at Ukraine. This has raised serious concerns of cyber situation going out of control.

Many experts opine that Russian for some unknown reason has restrained itself from going all out against Ukraine on the cyber front. This may be due to the communication intelligence gathering. At the same time, many intelligence officials are expecting that Russia will scale its cyber attacks in the near future.

Cyber war is invisible and it is a different ball game in the sense that it is hard to understand the origins and difficult to detect. Unlike financial advantage sought by freelance cyber criminals, state sponsored attacks have different goals. It can be creating chaos, influencing people, spreading propaganda. At the same time, it may damage the pillars of a country like communication, water treatment, power, energy, finance etc. Technology breakdown is one of the most dangerous repercussions of cyber war.

Will this lead to an all-out cyber war on a global scale? Experts, at this point of time, do not think that the current situation will escalate to global cyber war. This is because Russia is more interested in the invasion of the land. Also, disrupting global economy through cyber attacks can come back to bite them as well.\


What Businesses Can Do?

Businesses, first of all, should look to strengthen their cybersecurity capabilities against well-known attack forms such as Malware, Ransomware, DDoS, Network attacks and Advanced Persistent Threats. Meanwhile, the decision-makers can lay out strategies to back up all essential data to prevent it from being eliminated through Wiper Malware as a preventive measure.

Secondly, business leaders must examine the supply chain of their respective business.

Thirdly, getting in touch with government cybersecurity teams should be given priority. Governments across the world have laid down general guidelines for better online security. This includes getting patch for all business related software as well as those that work via internet. Give a boost to your cyber security response by fine tuning processes and procedures, appointing security leaders and managers and preparing your team for any eventuality.

Finally, diligently observe for any cyber-attack attempts being made with the help of security organizations 365X24X7. If any company is unable to watch or examine cyber security, they are vulnerable to attacks and resulting damage. This is the reason you should partner with cybersecurity professionals to help you out. Also, empower employees to develop a strong culture of following best cybersecurity practices, at all times. This will help in protecting business, systems and clients.  

Individual citizens across the world can also take concrete steps to ensure cyber security and safe use of digital technology. This includes being alert against spam, unknown emails, and malicious links from unknown sources. The perennial need for a strong password cannot be stressed enough now. Keeping updated software in the systems is highly recommended. Also, do not disclose personal information on the web without assessing the credentials of the online platform or website.

Recent Articles

Got hacked? Speak to our security consultant.

Get in Touch
Scroll Top