As Russian forces attacked Ukraine, the country was also target of a campaign of cyberattacks.
In the weeks leading up to the Russian invasion, several of Ukraine government department and bank websites were taken offline and data wiping malware was unleashed on government systems.
The physical attack to Ukraine may have been surprising, but the cyber-attack was not. Cyber weapons have been used against Ukraine for years. Paul Chichester, director of operations at the National Cyber Security Centre said: “Over several years, we have observed a pattern of malicious Russian behaviour in cyber space. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”
Ukraine is an appealing target since it has similar infrastructure as most Western European and North American countries, but with more limited resources to counterattack.
Among the latest attacks against Ukraine, there has been a distributed denial of service (DDoS) attack. This type of attack deploys bots flood an online service, overwhelming it until it crashes and blocking legitimate users from accessing. Another recent account entailed Ukrainian citizens receiving fake messages saying that the ATM service had gone offline, causing bank runs, panic and uncertainty.
Cyber-attacks have the potential to wipe out infrastructure, affecting telecommunication services, water and electricity supply. These kinds of attacks can be carried out more rapidly than standard weapon attacks and they can be carried out at a distance. While launching them is simple and inexpensive, defending from them is extremely hard and costly, which is further debilitating Ukraine while it attempts to defend from the Russian military aggression.
Six European countries (Lithuania, Netherlands, Poland, Romania, Croatia and Estonia) are supporting Ukraine’s cyber infrastructure and are sending cyber security experts to give assistance in dealing with this threat.
Although Russia successfully evaded most responsibility for the cyber-attack, its history of destructive cyber-attacks in Ukraine is currently rising more concerns about future cyberwars. This should alert private and public entities, who should update their security protocols, deploy new tools and enhance their processes.
The private sector in particularly may be unprepared and vulnerable to disruptions.
To prepare for cyberattacks and to minimize potential damage companies should:
- Make sure they update software throughout the whole organization and patch previous vulnerabilities;
- Ensure the presence of effective malware detection and antivirus software;
- Frequently backup important data in case it gets destroyed;
- Look for potential vulnerabilities in the cyber supply chain;
- Testing incident response plan and carrying out scenario analysis.
Cyber-attacks are not confined to national boundaries, and they could become global due to spillover effect. A global cyberwar would shut down many sectors at the same time, due to the interdependence of critical infrastructure sectors like communications and electricity.
Furthermore, there can be serious financial ramifications: the insurance market is already experiencing problems in pricing protection against them. Perhaps it is time for more government intervention in the area.
While the conflict is still evolving, cyber operations do not seem to be playing a decisive role on the battlefield. These operations are a form of modern political warfare, not decisive battles and support subversion, espionage and propaganda efforts. With the right effort, well-resourced organizations can properly defend from cyber threats.