The world is watching as Russia invade Ukraine with global leaders and public figures preaching a message of peace. However, as the world watches, most countries are looking at how the conflict will affect them.
There are many security risks that are associated with Russia’s feud with Ukraine. Today, we look at the cyber security threats that come with the conflict between the two countries.
The conflict presents perhaps the most acute cyber risk the United States and Western Corporations have ever faced. Russia’s invasion of Ukraine may lead to the most comprehensive and dramatic sanctions ever imposed on Russia. When this happens, Russia will probably not stand by, but will instead respond asymmetrically using its considerable cyber capability.
When you take a look into the history books, you will see that there is a high risk of cyber attacks in relation to Russia’s invasion of Ukraine.
Sophos’ Chester Wisniewski looked into the history of cyberattacks that resulted from these international feuds and invasions. In his article, Chester looks at seven different examples of when these cyberthreats materialized.
For instance, the earliest known activity dates to April 26, 2007, when the Estonian government moved a statue commemorating the Soviet Union’s liberation of Estonia from the Nazis to a less prominent location. Soon after there were riots in the streets, protests outside of the Estonian embassy in Moscow and a wave of debilitating DDoS attacks on Estonian government and financial services websites.
Low-level information warfare has been ongoing against Ukraine since 2009, with many attacks coinciding with events that could be interpreted as threatening to Russian interests such as a NATO summit and negotiations between Ukraine and the EU for an Association Agreement.
In March 2014, the New York Times reported that “Snake” malware had infiltrated the Ukraine Prime Minister’s Office and several remote embassies at the same time as anti-government protests began in Ukraine. Near the end of 2013 and into 2014, ESET also published research documenting attacks against military targets and media outlets dubbed “Operation Potato Express.”
What now? Regardless of whether things continue to escalate, cyberoperations are sure to continue. Ukraine has been under a constant barrage of attacks with varying degrees of peaks and troughs since Viktor Yanukovych was deposed in 2014.
Russia’s official “The Military Doctrine of the Russian Federation” from 2010 states:
“the prior implementation of measures of information warfare in order to achieve political objectives without the utilization of military force and, subsequently, in the interest of shaping a favourable response from the world community to the utilization of military force.”
This suggests a continuance of previous behaviors before a conflict, and makes DDoS attacks a potential sign of an imminent kinetic response.
Information warfare is how the Kremlin can try to control the rest of the world’s response to actions in Ukraine or any other target of attack.