Ukraine’s Cyber Conflict With Russia

Uploaded on 2023-10-18 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Since the invasion of Ukraine there has been a steady stream of disruptive cyber attacks against public services in both Ukraine and Russia with varying degrees of impact. Indeed, Russia has been developing and using offensive cyber capabilities against its perceived adversaries for at least 15 years. 

The first major cyber attack took place in January 2022, and took down more than a dozen of Ukraine's government websites. Around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers and the National and Defence Council (NSDC), were attacked however the effects were not major.

Prior to the invasion cyber attacks struck Ukraine and one small country familiar with such tactics rose to Kyiv’s aid - Estonia. The tech-savvy nation of just 1.3 million people, Estonia has become a leader in cyber defence and  NATO’s Cooperative Cyber Defence Centre (CCDCOE) is based in the capital of Tallinn and hosts large cyber defence exercises

On 24 February, Russia launched a full-scale invasion of Ukraine. Western intelligence officials believed that this would be accompanied by a major cyber attack against Ukrainian infrastructure, although this threat did not really materialise. 

Ukrainian Cyber Retaliation 

Cyber attacks on Ukraine have continued during the invasion, but with limited success and independent hacker groups that support Ukraine, such as Anonymous, have launched cyber attacks on Russia in retaliation for the invasion. This invasion was the fourth time Russia has used military force against a neighbour since the end of the Cold War and the seventh time Russia used cyber operations as part of a larger campaign or independently as an instrument of coercion against a neighbouring state.

Hacktivist groups have been using unsophisticated forms of cyber attack, but have successfully temporarily disrupted banks, companies, pharmacies, hospitals, railway networks and civilian government services for Ukrainian and Russian citizens.

Red Cross Hacker Rules

Recently two major hacktivist groups involved in the Ukraine conflict, Killnet and the IT Army of Ukraine, have  pledged to comply with the International Committee of the Red Cross (ICRC) rules for civilian hackers. These rules, dubbed a “Geneva Code of cyberwar,” are designed to reduce cyber attacks that impact civilians. Both groups have been involved in disruptive cyber attacks targeting public services, including hospitals and railways. 

By vowing to comply with the ICRC rules, hacker groups will avoid cyber attacks that affect civilians. By adhering to the ICRC rules, these hacktivist groups aim to avoid attacks that affect civilians and non-military infrastructure. 

The IT Army of Ukraine also said it would be following the ICRC's eight rules. The group, which has 160,000 members on its Telegram channel, also targets public services such as railway systems and banks. However, not all hacktivist groups are expected to follow these rules, and the situation in the region remains complex and volatile. 

Estonia

Estonia has earned its role as a cyber-partner for Ukraine the hard way. In 2007, the highly networked nation faced mass cyber attacks after it decided to remove a monument to the Soviet Army, which occupied Estonia from 1940 to 1991. Some ATMs stopped functioning, government workers were unable to communicate by email, and media outlets were unable to publish their work. 

Since Russia invaded Ukraine, Estonia has seen a decline in cyber attacks and many of the attacks are intended less to actually impede government activities than to demonstrate a political point. Although destructive attacks are most attention-grabbing, Russia’s main cyber activity in Ukraine has probably been focused on intelligence collection. 

Russian hackers have sought to gather data to inform Moscow’s military planning, weapons targeting, occupation activities, influence operations, and future negotiations with Kyiv. However, the various Russian military failures in Ukraine seem to have prevented Moscow from properly leveraging cyber intelligence, at least for now.

CSIS:    Oodaloop:    BBC:     DefenseOne:    Marcus Willet:   Carnegie Endowment:     

Image: David_Underland

You Might Also Read: 

The Israeli-Hamas Conflict Shows Cyber Warfare Is The New Normal:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« British Legislators Want To Ban Live Facial Recognition
The Duality of Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Pluralsight

Pluralsight

Pluralsight helps enterprises build technology skills at scale with expert-authored courses on today’s most important technologies including information and cyber security.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

RUSCADASEC

RUSCADASEC

RUSCADASEC is an independent non-profit initiative on developing the open Russian-speaking international community of industrial cyber security/ICS/SCADA cyber security professionals.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Automation Workz

Automation Workz

Automation Workz has been ranked as a top 10 Cybersecurity Bootcamp in the US by Career Karma.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

Xact IT Solutions

Xact IT Solutions

Xact IT Solutions are a certified cybersecurity firm offering cybersecurity, compliance and managed services.

X-Analytics

X-Analytics

X-Analytics is a cyber risk analytics application to create a better way for organizations to understand and manage cyber risk.

Karate Labs

Karate Labs

Karate is an open-source unified test automation platform combining API testing, API performance testing, API mocks & UI testing.