For the past few weeks, Russia has been deploying military forces into strategic positions on Ukraine’s borders. However, there is another, virtual dimension to the escalating conflict: cyber-attacks on Ukrainian government and business websites and services.
Attacks on Ukraine’s information systems are part of a type of hybrid warfare that Russia has been fine tuning for the past couple of decades but is now far more sophisticated.
Cyber-espionage and information warfare have become an intrinsic part of recent conflicts and happen on a regular basis between conflicting powers. However, governments do not usually publicly claim responsibility for this type of activity, since this could put them in a position of declaring war against the targeted country and provoking counterattacks and sanctions from the international community. Therefore, evidence that Russia is definitely behind these attacks is hard to establish.
Cyber-attacks are often attributed to hacker groups with nationalist motivations, who justify their political agendas without explicitly verifying any state backing.
In January, there was a spate of attacks by Belarusian hackers believed to be supporting Russia. They launched a series of malware attacks against Ukrainian computer systems with many government and other websites being defaced with provocative and intimidating messages.
In mid February, there was another round of cyber-attacks, this time targeting the Ukrainian army website, ministerial websites and some of the major banks, including PrivatBank, preventing online payments and use of banking apps.
These latest attacks were mainly distributed denial of service (DDOS) attacks, where a huge number of small packets of information are sent to websites and servers from multiple sources. This information overload causes the servers and computer systems targeted to slow down or collapse because of the swarm of information requests.
Russian involvement in those cyber-attacks is suspected. The attacks follow the pattern of similar tactics with alleged Russian backing over the past two decades in Ukraine, Estonia and Georgia, including attacks on communications infrastructures and power grids.
The US president and EU officials are now discussing increasing cyberspace defences against such attacks or imposing sanctions, if required.
Despite all of this, Ukrainian officials have refrained from explicitly mentioning the Russian state as being behind these attacks.
The pandemic and cyber-attacks
The above hybrid threats are also exacerbated by Ukraine’s (and other countries’) increasing reliance on information systems and the internet for important functions, such as banking, commercial activity and even healthcare.
Clearly this transition accelerated during the pandemic and also because of lockdowns forcing citizens to use the internet for work and leisure more extensively than before.
During the pandemic, cyber-attacks have also increased internationally.
Not just in Ukraine
Other countries in the region are also worried about the tactics spilling over their borders. Latvia has expressed concerns about cybersecurity risks if tensions continue.
The current conflict could also have much wider cybersecurity implications with concerns raised about potential attacks on US targets should military escalation bring interventions from Ukraine’s western allies against Russia.
Read more: If Russia invades Ukraine, what could happen to natural gas supplies to Europe? Podcast
After all, it is only a few years since the “NotPetya” cyber-attack against Ukrainian infrastructural systems extended beyond the Ukrainian borders and caused extensive disruption to the information systems of international organisations with significant financial impact. And recently, Microsoft sounded the alarm after its security team discovered destructive covert malware on Ukrainian government systems.
The level of cyber-attacks in Ukraine suggest they are an inevitable part of future political and national conflicts and potentially could have far reaching influence people’s lives.
For example, the impact on the already overstretched NHS, and consequently to all of us, would be insurmountable if on top of dealing with the pandemic, its systems were hit by some major computer virus, initially developed to destabilise Ukrainian information systems. The chaos generated by the WannaCry ransomware a few years ago would be unsustainable in the current climate.
The pandemic has accelerated our transition into a more global, hybrid living environment, and with this shift cyberwarfare causes even more widespread problems than a few years ago. To paraphrase a quote attributed to sci-fi author William Gibson: “The future is already here and it is becoming even more evenly distributed.” For better or worse.
Author: Vasileios Karagiannopoulos – Reader in Cybercrime and Cybersecurity, University of Portsmouth