Ukraine’s Cyber Conflict With Russia

Since the invasion of Ukraine there has been a steady stream of disruptive cyber attacks against public services in both Ukraine and Russia with varying degrees of impact. Indeed, Russia has been developing and using offensive cyber capabilities against its perceived adversaries for at least 15 years. 

The first major cyber attack took place in January 2022, and took down more than a dozen of Ukraine's government websites. Around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers and the National and Defence Council (NSDC), were attacked however the effects were not major.

Prior to the invasion cyber attacks struck Ukraine and one small country familiar with such tactics rose to Kyiv’s aid - Estonia. The tech-savvy nation of just 1.3 million people, Estonia has become a leader in cyber defence and  NATO’s Cooperative Cyber Defence Centre (CCDCOE) is based in the capital of Tallinn and hosts large cyber defence exercises

On 24 February, Russia launched a full-scale invasion of Ukraine. Western intelligence officials believed that this would be accompanied by a major cyber attack against Ukrainian infrastructure, although this threat did not really materialise. 

Ukrainian Cyber Retaliation 

Cyber attacks on Ukraine have continued during the invasion, but with limited success and independent hacker groups that support Ukraine, such as Anonymous, have launched cyber attacks on Russia in retaliation for the invasion. This invasion was the fourth time Russia has used military force against a neighbour since the end of the Cold War and the seventh time Russia used cyber operations as part of a larger campaign or independently as an instrument of coercion against a neighbouring state.

Hacktivist groups have been using unsophisticated forms of cyber attack, but have successfully temporarily disrupted banks, companies, pharmacies, hospitals, railway networks and civilian government services for Ukrainian and Russian citizens.

Red Cross Hacker Rules

Recently two major hacktivist groups involved in the Ukraine conflict, Killnet and the IT Army of Ukraine, have  pledged to comply with the International Committee of the Red Cross (ICRC) rules for civilian hackers. These rules, dubbed a “Geneva Code of cyberwar,” are designed to reduce cyber attacks that impact civilians. Both groups have been involved in disruptive cyber attacks targeting public services, including hospitals and railways. 

By vowing to comply with the ICRC rules, hacker groups will avoid cyber attacks that affect civilians. By adhering to the ICRC rules, these hacktivist groups aim to avoid attacks that affect civilians and non-military infrastructure. 

The IT Army of Ukraine also said it would be following the ICRC's eight rules. The group, which has 160,000 members on its Telegram channel, also targets public services such as railway systems and banks. However, not all hacktivist groups are expected to follow these rules, and the situation in the region remains complex and volatile. 

Estonia

Estonia has earned its role as a cyber-partner for Ukraine the hard way. In 2007, the highly networked nation faced mass cyber attacks after it decided to remove a monument to the Soviet Army, which occupied Estonia from 1940 to 1991. Some ATMs stopped functioning, government workers were unable to communicate by email, and media outlets were unable to publish their work. 

Since Russia invaded Ukraine, Estonia has seen a decline in cyber attacks and many of the attacks are intended less to actually impede government activities than to demonstrate a political point. Although destructive attacks are most attention-grabbing, Russia’s main cyber activity in Ukraine has probably been focused on intelligence collection. 

Russian hackers have sought to gather data to inform Moscow’s military planning, weapons targeting, occupation activities, influence operations, and future negotiations with Kyiv. However, the various Russian military failures in Ukraine seem to have prevented Moscow from properly leveraging cyber intelligence, at least for now.

CSIS:    Oodaloop:    BBC:     DefenseOne:    Marcus Willet:   Carnegie Endowment:     

Image: David_Underland

You Might Also Read: 

The Israeli-Hamas Conflict Shows Cyber Warfare Is The New Normal:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« British Legislators Want To Ban Live Facial Recognition
The Duality of Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

eScan AV

eScan AV

eScan develops Information Security solutions that provide protection against current and evolving cyber threats.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

S21sec

S21sec

S21sec is a leading European pure play cybersecurity consultancy, services and solutions provider.

IPQualityScore (IPQS)

IPQualityScore (IPQS)

IPQS anti-fraud tools provide a real-time fraud score to analyze how likely a user or visitor is to engage in fraudulent behavior.

Seconize

Seconize

Seconize empowers enterprises to proactively manage their cyber risks, prioritize remediations, optimize security spending and ensure compliance.

Exponential-e

Exponential-e

Exponential-e provide Cloud and Unified Communications services and world-class Managed IT Services including Cybersecurity.

C3i Hub

C3i Hub

C3i Hub aims to address the issue of cyber security of cyber physical systems in its entirety, from analysing security vulnerabilities to developing tools and technologies.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Auvik Networks

Auvik Networks

Auvik is easy-to-use cloud-based networking management and monitoring software - true network visibility and control without the hassle.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

BrainStorm

BrainStorm

BrainStorm Threat Defense takes a new human-focused approach to security awareness that traditional training lacks. It’s a cutting-edge platform to make your users more security savvy.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.

Netcraft

Netcraft

Netcraft is a global leader in cybercrime detection and disruption, combining cutting-edge technology with decades of experience to protect organizations of all sizes from digital threats and attacks.

IT.ie

IT.ie

IT.ie are a comprehensive provider of Managed IT Services, Cloud Solutions, Cyber Security, and proactive IT support services.