6 minute read
How Russians Are Using Cyber Warfare against Ukraine
By Isabella Hehl Dalla Zuanna, Staff Writer
The use of cyber warfare in the Ukraine War is both underreported and of unprecedented magnitude. As Ukraine has been a cyber battlefield since the beginning of the Russo-Ukrainian War on Feb. 20, 2014, the amount of cyberattacks dramatically increased since the Russian invasion on Feb. 24, 2022. Yet, their efficiency and severity have been called into question recently, as it seems that in the last year, Russian cyber attacks have become less effective. However, especially following the Ukrainian cyber response, it cannot be questioned that this war has become the first hybrid war in history — taking place on the ground and online.
Advertisement
Internationally, there is little common knowledge about the Russo-Ukrainian War before the invasion of 2022 and about the role of cyber attacks in this conflict. In fact, these have been some of the most vicious and disruptive cyberattacks seen in the world. The first malignant onslaught in 2014 targeted the Ukrainian central election commission. This was the first presidential election after Ukraine’s revolution for independence from Russia, and as a result of Russian interference, far-right candidate Dmytro Yarosh won by an overwhelming margin. The purpose was to support the Russian narrative that Ukraine was secretly controlled by neo-Nazis.When the Russian media broadcasted the news of Yarosh’s win, the Russian public only saw the narrative propagated ment agencies and national financial organizations were attacked. As a result, terabytes of information were lost and another blackout ensued. The state’s entire financial plan for the year was wiped. As an escalation of 2015’s attack and as an attempt to cause physical harm, Sand- crypted documents. However, even if they paid the ransom, they would not retrieve their data, as the goal was not necessarily to make money but to damage IT systems. This worm later spread across the border, and impacted companies all over the world, such as Maersk, FedEx, Mondalez and Merck. As a result, thousands of shipments across the world were disrupted, and billions of dollars were lost. by their government despite Ukrainian hacking accusations.
In 2015, Sandworm, a notorious group of Russian hackers, took over Russia’s cyberwarfare attacks in Ukraine, targeting their media, power grid, and government agencies. This was the first time in history that hackers triggered a blackout, during which they destroyed hundreds of computers, turned off the backup power supply, and even bombarded government agencies with fake phone calls to worsen the chaos. While this blackout only lasted six hours, it had a clear goal: to terrorize Ukrainians. Sandworm continued its attacks, and in 2016, it led to the Kiev power plant hack, in which govern- worm disabled safety systems in this transmission so that when Ukrainian operators came to turn the power back on, there would be a current overload that would cause explosions and injuries. Fortunately, a small mistake in Sandworm’s attack prevented this from occurring.
In 2017, Sandworm’s infamous NotPetya attack unleashed the NotPetya malware, which contained a data-destroying piece of code. To execute this plan and spread the malware, Sandworm accessed civilian information through national institutions such as hospitals, and Ukrainians across the country received ransom threats that demanded money to retrieve their now en-
These attacks did not stop with the Russian escalation of the Ukraine War in 2022. Immediately before the Russian invasion in February, there was another cyber attack during which hundreds of computers were broken. Although it has not been confirmed if this was because of Sandworm, it can be assumed that the goal was to disrupt communication before the Russian military began their invasion. Arguably, cyber-attacks have contributed to the war in two main ways since 2022: decreasing communication and trust. At the start, Russia launched multiple relatively effective cyberattacks against Ukraine, targeting the country’s ability to communicate. However, the impact of these attacks dimmed, and seems to make little difference now. Furthermore, on both sides, each government has taken national civil action to take down each other’s websites, spreading misinformation and decreasing civilian trust in their governments.
Perhaps, the reason why recent attacks have had less of an impact can be attributed to two main reasons: Russian brutality and incompetence, which seemingly have prevented Moscow from properly leveraging acquired cyber intelligence, and secondly, the resilience of the Ukrainian state and cyber-infrastructure, developed as a result of years of vicious Russian cyber attacks. Overall, it seems as though cyber warfare seems to be much more effective and resonant in periods of mild peace rather than full-scale war or other active military campaigns. Furthermore, Russia seems to be struggling with how to effectively launch such attacks and has instead benefited much more from non-cyber intelligence, such as human agents, imagery and signal intercepts.
Ukraine has responded with its own version of cyber tactics through social media, where it uses Instagram, Snapchat, Twitter, TikTok, Facebook and more to rally international support, which may have helped garner sanctions against Russia. These have also been accompanied by strong Ukrainian encouragement to boycott Russia, which has resulted in certain Russian athletes being forbidden from participating in certain international competitions. Even companies such as Apple ceased the export of their products to sale channels in Russia. While such methods are not significant enough to impact Vladimir Putin, it certainly influences Russian citizens, which is also highly important.
Moreover, Ukraine invested in its own use of cyber warfare and established its own IT army on day three of the Russian invasion. Only several days after its creation, it already consisted of over 277,000 volunteers, many of whom were underground hackers who had been implored by Ukraine to put their skills to good use. Ukraine used its IT army to cause chaos and disturbance in Russia by giving it tasks to implement certain campaigns. For example, task number one stated that “we encourage you to use any vectors of cyber and DDoS (distributed denial-of-service) attacks on these resources,” naming resources that were business corporations such as Gazprom, banks such as Sberbank, and state organizations such as Moscow State Services. These tasks were often translated into English to encourage hackers from all over the world to participate in this digital warfare effort. This was a highly unusual form of hostility raising a lot of insecurity in other countries and the cyber world: if a hacker from a country outside of Ukraine, for example, Germany, were to be found hacking a Russian company, would Russia see it as an act of aggression by that country? However, even with these doubts, thousands of international hackers volunteered and participated to complete new tasks that were posted every several hours, already from the beginning of the invasion.
The goal of this mission was to cause as much chaos and inconvenience as possible for Russia. While taking websites offline will not change the war, it will help garner a public international image that is anti-Russia and will force Russia to undertake additional efforts, money and energy to fight on the digital front. Last September, Ukraine’s IT army even collaborated with Anonymous, a decentralized hacktivist collective known for its cyberattacks against multiple governments, government agencies and the Church of Scientology, to hack Russia, showing how international the digital war effort has become. Other hacktivist groups that have volunteered to participate in the Russo-Ukrainian War are notably AgainstTheWest, BlackHawks, GhostSec and RaidForums Admin on the pro-Ukraine side, and Free Civilian, The Red Bandits and Gamaredon on the pro-Russian side. Overall, most volunteer hacktivists have joined the Ukrainian effort, showing the effectiveness of their media campaigns and cyber warfare methods.
Concerning the Ukrainian use of cyber warfare to destabilize and hinder Russia, Ukrainian SciencesPiste Anna Hazolyshyn explained, “We have to use every possible way to protect and defend ourselves, and cyber security is just one of the aspects of that. And although to some people it may seem unnecessary, ultimately it contributes to our victory.” She went on to explain that the Russian cyber-attacks taking place since 2014, while perhaps serious, have had less impact on Ukrainian morale than is often assumed:
“Russia was really trying to use these fear tactics to spread chaos and feelings of fear, but luckily Ukrainians became good at filtering the information and to not get emotional and fearful of hypothetical threats that were never proven to be true. The fact that even I, as a general citizen and a person who reads the news, the fact that I don’t remember the threats
(of 2016’s Kiev’s power grid attack) being of such significance also tells us that they weren’t successful.”
In conclusion, the first hybrid war shows previously unused forms of cyberattacks and targeted digital warfare in parallel to traditional military and nuclear efforts. While it cannot be questioned that these new cyber methods have had a great international impact, it still must be asserted that the latter is much more significant. Although cyber warfare plays a role in this conflict, it is only secondary and cannot unleash the same amount of death and destruction as armies, bullets and bombs. Nevertheless, Ukraine’s impressive digital developments could still continue to be a significant war effort, and if efficiently improved, could maybe even make a real difference against a digitally weak Russia. However, the most important contribution to the war is international support: Hazolyshyn stated that “many people in the West really don’t think that events happening in Ukraine and Georgia can affect them because it’s on the other side of the world.” However, Russia has been leading cyberattacks against Western countries as well, such as the U.S. and U.K. This war, therefore, involves us all. As stated by Hazolyshyn, “it is not just about Ukraine. It is about global security and democratic security.”
