Ukraine’s Cyber Conflict With Russia

Uploaded on 2023-10-18 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Since the invasion of Ukraine there has been a steady stream of disruptive cyber attacks against public services in both Ukraine and Russia with varying degrees of impact. Indeed, Russia has been developing and using offensive cyber capabilities against its perceived adversaries for at least 15 years. 

The first major cyber attack took place in January 2022, and took down more than a dozen of Ukraine's government websites. Around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers and the National and Defence Council (NSDC), were attacked however the effects were not major.

Prior to the invasion cyber attacks struck Ukraine and one small country familiar with such tactics rose to Kyiv’s aid - Estonia. The tech-savvy nation of just 1.3 million people, Estonia has become a leader in cyber defence and  NATO’s Cooperative Cyber Defence Centre (CCDCOE) is based in the capital of Tallinn and hosts large cyber defence exercises

On 24 February, Russia launched a full-scale invasion of Ukraine. Western intelligence officials believed that this would be accompanied by a major cyber attack against Ukrainian infrastructure, although this threat did not really materialise. 

Ukrainian Cyber Retaliation 

Cyber attacks on Ukraine have continued during the invasion, but with limited success and independent hacker groups that support Ukraine, such as Anonymous, have launched cyber attacks on Russia in retaliation for the invasion. This invasion was the fourth time Russia has used military force against a neighbour since the end of the Cold War and the seventh time Russia used cyber operations as part of a larger campaign or independently as an instrument of coercion against a neighbouring state.

Hacktivist groups have been using unsophisticated forms of cyber attack, but have successfully temporarily disrupted banks, companies, pharmacies, hospitals, railway networks and civilian government services for Ukrainian and Russian citizens.

Red Cross Hacker Rules

Recently two major hacktivist groups involved in the Ukraine conflict, Killnet and the IT Army of Ukraine, have  pledged to comply with the International Committee of the Red Cross (ICRC) rules for civilian hackers. These rules, dubbed a “Geneva Code of cyberwar,” are designed to reduce cyber attacks that impact civilians. Both groups have been involved in disruptive cyber attacks targeting public services, including hospitals and railways. 

By vowing to comply with the ICRC rules, hacker groups will avoid cyber attacks that affect civilians. By adhering to the ICRC rules, these hacktivist groups aim to avoid attacks that affect civilians and non-military infrastructure. 

The IT Army of Ukraine also said it would be following the ICRC's eight rules. The group, which has 160,000 members on its Telegram channel, also targets public services such as railway systems and banks. However, not all hacktivist groups are expected to follow these rules, and the situation in the region remains complex and volatile. 

Estonia

Estonia has earned its role as a cyber-partner for Ukraine the hard way. In 2007, the highly networked nation faced mass cyber attacks after it decided to remove a monument to the Soviet Army, which occupied Estonia from 1940 to 1991. Some ATMs stopped functioning, government workers were unable to communicate by email, and media outlets were unable to publish their work. 

Since Russia invaded Ukraine, Estonia has seen a decline in cyber attacks and many of the attacks are intended less to actually impede government activities than to demonstrate a political point. Although destructive attacks are most attention-grabbing, Russia’s main cyber activity in Ukraine has probably been focused on intelligence collection. 

Russian hackers have sought to gather data to inform Moscow’s military planning, weapons targeting, occupation activities, influence operations, and future negotiations with Kyiv. However, the various Russian military failures in Ukraine seem to have prevented Moscow from properly leveraging cyber intelligence, at least for now.

CSIS:    Oodaloop:    BBC:     DefenseOne:    Marcus Willet:   Carnegie Endowment:     

Image: David_Underland

You Might Also Read: 

The Israeli-Hamas Conflict Shows Cyber Warfare Is The New Normal:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« British Legislators Want To Ban Live Facial Recognition
The Duality of Cybersecurity »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

RU-CERT

RU-CERT

RU-CERT is the CSIRT / CERT team of the Russian Federation.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

Sage Designs

Sage Designs

Sage Designs is a provider of SCADA, Security & Industrial Automation products and training programs.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

ioXt Alliance

ioXt Alliance

The ioXt Alliance is a group of manufacturers, industry alliances and government organizations dedicated to harmonizing best security practices in a highly connected world.

KeyXentic

KeyXentic

KeyXentic Inc. is a professional mobile and data security service provider. We are devoted to design convenient and strong security for user’s data protection and privacy without any compromise.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Gigit

Gigit

Gigit’s Service portfolio focuses on your business’ needs and the integration of comprehensive cybersecurity policies, plans, procedures, and practices into your business culture and operations.

Sentor Managed Security Services

Sentor Managed Security Services

Sentor Managed Security Services is a cybersecurity company that enables organizations to exist in a digitally connected world.

ramsac

ramsac

ramsac provide secure, resilient IT management, cybersecurity, 24 hour support and IT strategy to businesses in London and the South East.

Cyber Security Partners (CSP)

Cyber Security Partners (CSP)

Cyber Security Partners specialise in the provision of Cyber Security Consultancy, Data Protection and Certification and Compliance services.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

ACI Learning

ACI Learning

ACI Learning - Training tomorrow’s industry leaders with formats for all types of learners in Audit, Cybersecurity, and IT.

eCapital

eCapital

eCAPITAL is a leading venture capital firm that provides early to growth stage funding to technology companies in fields including software & information technology, cybersecurity and industry 4.0.