Russian hackers are increasing and diversifying their attacks on Ukraine as the Russian invasion reaches its six-month mark. They have sent mass texts to Ukrainian civilians to threaten their lives and to warn them not to flee from their homes.
Kenneth Geers is a security specialist at Very Good Security who was also a fellow at the NATO Cyber Centre. He presented at DEF CON 30 and explained how Russia has planned these actions over many years.
Russian attacks on Ukraine’s electricity grid are not new. However, they have become more frequent in recent years as Ukraine tries to make use of its digital power. The Kremlin carried out its first attack in 2015, destroying a part of the Ukrainian grid for six hours. Russian hackers carried out a similar attack a year later. It not only punished Ukraine, it also demonstrated Russia’s capability to conduct a cyberattack against another country. This was a precursor to the 2022 invasion. Prior to Russia’s major military operations, cyberattacks grew around Ukraine. Major attacks are now a regular feature of the war as it drags on, with more than 300 documented cyberattacks around Ukraine since the conflict began in February.
Geers explained to Gizmodo that troop movements can no longer be made without hacker support. He stated that Microsoft had noticed on February 17th that Russian hackers had been active at Sumy’s border and were targeting critical infrastructure networks. This was in preparation for troop movements. Geers says that the attacks continued into March and caused regional power outages as well as explosions at an electrical substation and at a Sumy combined heat and power plant, resulting in a loss of heat, electricity, and water for citizens.
Russian hackers sent Russian troops threatening texts, telling them to leave. They also warned that they will find their bodies when the snow melts.
Russian DDoS attacks, in which hackers flood network servers to take websites offline, have targeted ATMs, banks, and government websites. Hackers temporarily took ATMs offline, denying Ukrainians access to money and causing panic among citizens as they fled.
With Russia’s cyber warfare capabilities on full display, the question arises: Can Russia conduct attacks similar to those in Ukraine?
Geers suggests that the answer is not likely, at this point. He said that Russia has its hands full today. “I doubt Russia has the capability to attack other countries if NATO/EU remains solid, because the risks are outweighing the benefits.”
That has not stopped other countries from being concerned. Biden has warned since the beginning that the US may be vulnerable to Russian cyberattacks. He cited sanctions against Moscow and financial and military support for Ukraine. These threats may not have materialized yet, but that does not mean they aren’t in sight.
Russian malware was discovered in as many as 10 US utilities and one nuclear power plant following the Russian cyberattack on Ukraine’s power grid. Is the US prepared for such an attack?