Ukraine’s Cyber Conflict With Russia

Uploaded on 2023-10-18 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Since the invasion of Ukraine there has been a steady stream of disruptive cyber attacks against public services in both Ukraine and Russia with varying degrees of impact. Indeed, Russia has been developing and using offensive cyber capabilities against its perceived adversaries for at least 15 years. 

The first major cyber attack took place in January 2022, and took down more than a dozen of Ukraine's government websites. Around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers and the National and Defence Council (NSDC), were attacked however the effects were not major.

Prior to the invasion cyber attacks struck Ukraine and one small country familiar with such tactics rose to Kyiv’s aid - Estonia. The tech-savvy nation of just 1.3 million people, Estonia has become a leader in cyber defence and  NATO’s Cooperative Cyber Defence Centre (CCDCOE) is based in the capital of Tallinn and hosts large cyber defence exercises

On 24 February, Russia launched a full-scale invasion of Ukraine. Western intelligence officials believed that this would be accompanied by a major cyber attack against Ukrainian infrastructure, although this threat did not really materialise. 

Ukrainian Cyber Retaliation 

Cyber attacks on Ukraine have continued during the invasion, but with limited success and independent hacker groups that support Ukraine, such as Anonymous, have launched cyber attacks on Russia in retaliation for the invasion. This invasion was the fourth time Russia has used military force against a neighbour since the end of the Cold War and the seventh time Russia used cyber operations as part of a larger campaign or independently as an instrument of coercion against a neighbouring state.

Hacktivist groups have been using unsophisticated forms of cyber attack, but have successfully temporarily disrupted banks, companies, pharmacies, hospitals, railway networks and civilian government services for Ukrainian and Russian citizens.

Red Cross Hacker Rules

Recently two major hacktivist groups involved in the Ukraine conflict, Killnet and the IT Army of Ukraine, have  pledged to comply with the International Committee of the Red Cross (ICRC) rules for civilian hackers. These rules, dubbed a “Geneva Code of cyberwar,” are designed to reduce cyber attacks that impact civilians. Both groups have been involved in disruptive cyber attacks targeting public services, including hospitals and railways. 

By vowing to comply with the ICRC rules, hacker groups will avoid cyber attacks that affect civilians. By adhering to the ICRC rules, these hacktivist groups aim to avoid attacks that affect civilians and non-military infrastructure. 

The IT Army of Ukraine also said it would be following the ICRC's eight rules. The group, which has 160,000 members on its Telegram channel, also targets public services such as railway systems and banks. However, not all hacktivist groups are expected to follow these rules, and the situation in the region remains complex and volatile. 

Estonia

Estonia has earned its role as a cyber-partner for Ukraine the hard way. In 2007, the highly networked nation faced mass cyber attacks after it decided to remove a monument to the Soviet Army, which occupied Estonia from 1940 to 1991. Some ATMs stopped functioning, government workers were unable to communicate by email, and media outlets were unable to publish their work. 

Since Russia invaded Ukraine, Estonia has seen a decline in cyber attacks and many of the attacks are intended less to actually impede government activities than to demonstrate a political point. Although destructive attacks are most attention-grabbing, Russia’s main cyber activity in Ukraine has probably been focused on intelligence collection. 

Russian hackers have sought to gather data to inform Moscow’s military planning, weapons targeting, occupation activities, influence operations, and future negotiations with Kyiv. However, the various Russian military failures in Ukraine seem to have prevented Moscow from properly leveraging cyber intelligence, at least for now.

CSIS:    Oodaloop:    BBC:     DefenseOne:    Marcus Willet:   Carnegie Endowment:     

Image: David_Underland

You Might Also Read: 

The Israeli-Hamas Conflict Shows Cyber Warfare Is The New Normal:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« British Legislators Want To Ban Live Facial Recognition
The Duality of Cybersecurity »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Morphisec

Morphisec

Morphisec's world leading prevention-first software stops ransomware and other advanced attacks from endpoint to the cloud.

SecuGen

SecuGen

SecuGen is a leading provider of advanced, optical fingerprint recognition technology, products, tools and platforms for physical and information security.

Flexential

Flexential

Flexential helps organizations optimize their journey of IT transformation while simultaneously balancing cost, scalability, compliance and security.

Total Defense

Total Defense

Total Defense solutions include anti-malware, anti-virus, intrusion prevention & mobile security.

Computing Technology Industry Association (CompTIA)

Computing Technology Industry Association (CompTIA)

CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

Bavarian IT Security Cluster

Bavarian IT Security Cluster

The Bavarian IT Security Cluster works to build regional IT security competencies and increase the competitiveness and market opportunities of its member companies.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

Span

Span

Span designs, develops and maintains information systems based on advanced technological solutions of global IT leaders.

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

CPP Group UK

CPP Group UK

CPP Group UK develops products to help insurers add further value to their products and services through its innovative suite of new products in FinTech, InsurTech and cyber security.

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

ExchangeDefender

ExchangeDefender

ExchangeDefender provides cybersecurity services that secures your company email and data, and guarantees 24/7 email access.

Burges Salmon

Burges Salmon

Burges Salmon is an independent UK law firm with a clear purpose to deliver the highest quality service and best experience, for our people and for you.