Russian cyberattacks on Ukraine could worsen amid armed conflict: Expert

Published: Updated:
Read Mode
100% Font Size
5 min read

Cyberattacks have hit major government websites and infrastructure in Ukraine over the past couple of days but an expert told Al Arabiya English that he expects attacks could worsen amid armed conflict.

When asked about some recent cyberattacks on Ukraine’s government and financial institutions, Senior Vice President of Intelligence at cybersecurity firm CrowdStrike Adam Myers said that the state-sponsored attacks by Russia on Ukraine have dissipated over the past week.

For the latest headlines, follow our Google News channel online or via the app.

“It was a relatively brief attack but it had a pretty significant impact. I think it was at least three times larger in magnitude than usual traffic to those targets,” Myers told Al Arabiya English. “But in terms of the crisis I think if you roll back about nine years, you can start to see the continuing ease of which some of the threat actors have targeted Ukraine that we associate with Russia.”

He anticipated that the cyberattacks would worsen in the event that there is armed conflict.

“The Russians will incorporate cyber operations as part of their strategy. Their cyber capabilities will be used to deny or disrupt the infrastructure of Ukraine. You will also see misinformation and fake information that is delivered through information operations using various cyber means and also potential psychological warfare that leverage cyberattacks to potentially disrupt things in Ukraine and impact the willingness of people to resist.”

He added, “There's been a continuing set of operations against Ukraine by Russian aligned for actors.”

Data provided by CrowdStrike showed that Russia-affiliated cyber-attacks have been targeting Ukraine since 2014.

In May 2014, Russia-associated threat actor Voodoo Bear targeted Ukrainian energy and transportation organizations. Following this, the threat actor targeted media outlets during local elections in October 2015, followed by an attack on an energy provider in western Ukraine just two months later.

CrowdStrike observed that the volume of these attacks on Ukraine increased during 2016 and 2017. In December 2016 alone, Voodoo Bear targeted state-operated financial institutions, rail companies, and an energy provider which caused an energy outage in Kyiv.

The 2022 CrowdStrike Global Threat Report, released in mid-February, found an 82 percent increase in ransomware-related data leaks, adding two new threat actors: WOLF and OCELOT, associated with Turkey and Colombia respectively, amounting to 21 tracked adversaries across the globe.

Potential global impact of Russian cyberattacks on Ukraine

Russian cyberattacks on Ukraine could negatively impact several Fortune 500 companies, Forbes reported on Thursday.

“Here’s the most sobering statistic I've seen about the threat to businesses all over the globe that the Russian invasion of Ukraine poses in terms of cybersecurity: According to Ukraine’s Ministry of Foreign Affairs, 1 in 5 Fortune 500 companies rely on Ukraine’s IT outsourcing sector,” CEO of cybersecurity firm Rank Secure, Baruch Labunski was quoted as saying by Forbes.

“That means that even if your business isn’t directly targeted by Russian-based cyberattacks, you may still feel the impact,” he warned.

Destructive software hits hundreds of computers in Ukraine

A newly discovered piece of destructive software found circulating in Ukraine hit hundreds of computers, according to researchers at the cybersecurity firm ESET, part of what Ukrainian officials said was an intensifying wave of hacks aimed at the country, Reuters reported on Wednesday.

In a series of statements posted to Twitter, the company said that the data wiping program had been “installed on hundreds of machines in the country,” an attack it said had likely been in the works for the past couple of months.

Vikram Thakur of cybersecurity firm Symantec, which is also looking into the attacks, told Reuters that infections had spread widely, with apparent activity across Ukraine.

Who is responsible for the wiper is unclear, although suspicion immediately fell on Russia, which has repeatedly been accused of launching data-scrambling hacks against Ukraine and other countries. Russia has denied the allegations.

Ukraine has already been repeatedly hit by hackers in the past few weeks as Russia massed troops around its borders. Fears of a full-scale invasion rose after Moscow this week ordered troops to two separatist regions in eastern Ukraine and Russian President Vladimir Putin announced a military operation in Ukraine on Thursday.

In a televised address, Putin said the action comes in response to threats coming from Ukraine. He added that Russia doesn’t have a goal to occupy Ukraine. Putin said the responsibility for bloodshed lies with the Ukrainian “regime.”

Read more:

Ukraine leader says Russia attacking ‘our military infrastructure’

Cryptocurrencies fall amid Russian invasion of Ukraine

Russia halts vessel movement in Azov sea, but keeps ports in Black Sea open

Top Content Trending