Russian hackers are stepping up and diversifying their attacks on Ukraine, study finds

As the Russian invasion of Ukraine reaches its sixth month, Russian hackers are stepping up and diversifying their attacks on the country and its citizens, sending mass text messages to Ukrainian civilians threatening their lives if they do not leave their homes, trying to raid the country's banks, and even paralyzing some of their basic public services.

In a presentation at DEF CON 30, Kenneth Geers, a security specialist at Very Good Security and a researcher at the NATO Cyber Center, explained how Russia had been planning these actions for years, including through ongoing attacks on power grids and communications systems in Ukrainian cities.

Russian attacks on Ukraine’s power grid are nothing new, but they have become increasingly frequent as the country tries to flex its digital muscle. The first Kremlin attack was carried out in 2015, blocking part of the national network for six hours. Russian hackers staged another similar attack a year later. This not only punished Ukraine, but also demonstrated Russia’s power in its ability to carry out a cyberattack against another nation. It was just a foreshadowing of the 2022 invasion, during which, before Russia’s major military operations, cyberattacks spiked across the country. Major attacks are now a permanent feature of the war as it drags on, with more than 300 documented cyberattacks in and around Ukraine since the start of the conflict in February.

“Troops no longer move without significant pirate support,” Geers told Gizmodo in an interview about his presentation. Specifically, he said, Microsoft noted on Feb. 17 that Russian hackers had been active in the border city of Sumy, targeting critical infrastructure networks ahead of troop movements. These attacks, according to Geers, lasted until March and caused regional power outages, explosions at an electrical substation and explosions at a combined heat and power plant in Sumy, leading to a loss of heat, water and electricity for citizens.

If power outages and heat loss weren’t enough, Russian hackers also sent Ukrainian troops threatening text messages telling the soldiers “they will find your bodies when the snow melts”. Other messages warned citizens to evacuate their homes, letting them know they would live if they left, or that “no one needs your children to be orphaned”.

A series of Russian DDoS attacks, a method in which hackers flood network servers with traffic to take websites offline, have targeted banks, government websites and ATMs. In the case of ATMs, hackers managed to temporarily take the machines offline, preventing Ukrainians from accessing their money and fomenting panic as citizens sought to flee.

With Russia’s cyber warfare capabilities fully exposed, the question arises: if Russia can carry out attacks like this in Ukraine, can it do so against other nations?

The answer is probably no, according to Geers, at least for now. “Today Russia has its hands full,” he said. “If the NATO/EU alliance stands firm, I doubt Russia has the bandwidth to attack other nations, as the risks currently outweigh the benefits.”

But that hasn’t stopped other nations from worrying about it. Since the start of the war, President Biden has warned that the United States could also fall victim to Russian cyberattacks because of its sanctions on the Kremlin and its financial and military support for Ukraine. These threats have yet to materialize, but that doesn’t mean they aren’t looming.

Following the 2015 Russian cyberattack on Ukraine’s power grid, Russian malware was discovered in no fewer than 10 US utilities, including a nuclear power plant. Is the United States ready for the day one of these attacks strikes?

“As a nation, the United States is ready,” Geers said. “But for individual businesses, the potential damage is immense, at least temporarily.”

Although the US government may believe it is prepared for such an attack, this preparation did not prevent the 2021 Colonial Pipeline hack that cut off fuel supplies to part of the country. The hack, which used a password believed to have been acquired from the dark web and an outdated security system that was not protected by two-factor authentication, shows that even over the past year a simple phishing scam or an outdated security system leaves the whole country vulnerable to attack. Although this action only targeted the southeast region of the country, a more coordinated attack could bring the country to its knees.

An attack on the US grid could cause blackouts in various parts of the country, and well-targeted attacks could leave millions of people struggling with loss of water, heat or internet access.

While the U.S. government might be preparing for such an attack, carrying out exercises and training its own experts to quickly put the grids back online, the case study of the Russian attacks in Ukraine shows that while the government may be prepared for what it needs to do when it happens, American citizens are not. This will no doubt have to change if nation-state attacks continue to escalate into cyber warfare.

“In Ukraine,” Geers said, “we have seen attacks in all areas: military, political, diplomatic, commercial, critical infrastructure, social media, etc. So if nations want to prepare for cyber warfare, they have to educate the whole population.”

Although many experts agree that there is little or nothing your average citizen can do to prevent such attacks, you can prepare for them. Back up your bank statements, important emails and other files to external hard drives outside of cloud networks so you can access them even if the internet goes offline. It also means better educating the general public about phishing email scams, which millions of people fall victim to each year, while keeping your anti-virus and other computer software up to date.
