Russia Steps Up Cyberwar Against Ukraine

Uploaded on 2023-12-20 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Since before the start of Russia's failed invasion in 2022,  Ukraine’s national infrastructure - beginning with  the electricity supply and telecoms -  has suffered from Russian cyber attacks. These have targeted the logistics, health care, agricultural and retail sectors, making it more difficult for Ukraine to produce and distribute food and medicine to its population. 

Frequent attacks against media, telecommunications and Internet providers make it harder for the country to keep its populace well informed about attacks using conventional weapons.

Those conducted against Ukraine’s energy providers and storage facilities undermine its ability to keep its population warm and able to work. However, Russia’s Winter cyber warfare campaigns have not limited their scope to targeting Ukraine-based entities alone  - they have frequently affected neighbouring  countries that support it

Now, the threat intelligence experts at Cyjax has published new research titled 'The Cyber Winter of Discontent'  which analyses the conflict in Ukraine makes predictions as to how Russia may conduct cyber military activity over winter this year.

It finds that Russia is facing a crisis of resources and manpower and with Ukraine receiving a steady supply of defensive weapons and technology from the West, Russia may struggle to effectively deploy malware against its critical national infrastructure at scale. Cyjax think that Russia may turn its attention to more cost-effective tactics outside of the region in an effort to disrupt supply chains and deter the West from supplying its ally. 

In particular, analysts at Cyjax have made multiple predictions on how the country will strategise over the cold months:

  •  Russia will likely choose to keep some cyber attack resources in reserve rather than exhausting them all during this war, to ensure that they retain offensive and defensive capabilities should they be invaded themselves.
  •  Hacktivism will be a core component of Russia’s campaign, due to its low operational cost and the level of plausible deniability.
  •  Cyjax has observed a number of hacktivist groups increasing in activity namely: UserSec, SiergedSec, NoName057, AnonymousSudan, AnonymousRussia, and Killnet.
  •  In an effort to disrupt military supply chains in 2024, Russia will continue to target the CNI of Ukraine’s allies; it is likely cyber defences outside of Ukraine have remained comparatively weak as they have not been so heavily targeted in comparison to those of Ukraine.
  •  Cyjax has observed many pro-Kremlin hacktivist collectives switching their targeting away from Ukraine to attacks on organisations based in Israel and those countries supporting it. 

“The West’s support to Ukraine’s cyber defences has stagnated Russian attacks, putting the Russia in a difficult position as it struggles to find resources for a cyber and kinetic attack... which is why it makes sense that it would turn its attention to western critical infrastructure to induce war fatigue and disrupt supply chains" according to Roman Faithful, Cyber Intelligence Lead at Cyjax. 

Although military experts anticipate less activity on the ground over the winter period, businesses and cyber security experts should be on their guard for any irregular activity and bolster their defences across the cyber and information space over what could be a very difficult winter in Ukraine.

Image: Alexandra Koch

You Might Also Read: 

Online Conflict In Gaza & Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Joint Opposition To Online Threats From North Korea
Artificial Intelligence Is Good For The Legal Profession »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Delphix

Delphix

Delphix is the industry leader for DevOps test data management.

Feedzai

Feedzai

Feedzai provide software that uses big data analysis and machine-based learning to prevent fraud in ecommerce.

Konfidas

Konfidas

Konfidas provide high-level cybersecurity consulting and professional tailored solutions to meet specific cybersecurity operational needs.

KLDiscovery

KLDiscovery

KLDiscovery is a global leader in delivering best-in-class eDiscovery, information governance and data recovery solutions.

National Cyber Security Agency (NACSA) - Malaysia

National Cyber Security Agency (NACSA) - Malaysia

NACSA is the leading government agency in Malaysia responsible for the development and implementation of national cyber security management policie and strategies.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

Camel Secure - ZeroRisk

Camel Secure - ZeroRisk

Camel Secure is a company specialized in the development of products for information security and technology risk management.

UST

UST

UST is a global provider of digital technology and transformation, IT services and solutions including managed security services.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

Ibento Global

Ibento Global

Ibento organises the CyberX series of cybersecurity conferences.

Akto

Akto

Akto, the plug & play API security platform. Discover your APIs, run tests and find business logic vulnerabilities at ludicrous speed.

Quarkslab

Quarkslab

Quarkslab is a dedicated team of cyber-security engineers and developers. We aim at forcing the attackers, not the defender, to adapt constantly.

Data Defenders

Data Defenders

Data Defenders provide information security technology solutions that empower consumers, businesses and governments with safe and secure IT and cybersecurity infrastructures.

SyberFort

SyberFort

SyberFort offers a suite of SAAS-based platforms designed to fortify your digital defenses including Threat Intelligence and Brand Protection.

BTQ Technologies

BTQ Technologies

BTQ is a global quantum technology company focused on securing mission critical networks.

Nova Microsystems

Nova Microsystems

Nova's mission is to revolutionize cybersecurity through continuous data analysis and dynamic AI-driven encryption.