Russian hackers have yet to unleash devastating cyberattacks on Ukraine

Although Russia has some of the best hackers in the world, in the early days of the war in Ukraine, their ability to create chaos through malware has not made much of an impact.

Instead, Ukraine is the one that has managed to rally sympathetic volunteer hackers in a global effort to make the Kremlin pay for waging a war against its neighbor.

It’s a kind of cyber pitched battle that experts say risks aggravating a moment already fraught with extraordinary danger after Russian President Vladimir Putin put his nuclear forces on alert.

So far, Ukraine’s internet access remains largely operational, and its president has been able to appeal for international support via smartphone, while its power plants and other critical infrastructure continue to operate.

The kind of devastating cyberattacks that were thought to go hand in hand with a full-scale Russian military invasion have not occurred.

“They haven’t played as big a role as some believed, and the problem hasn’t gone beyond Ukraine as people feared,” said Michael Daniel, a former White House cybersecurity coordinator. “Of course, this can still change.”

It is not clear why Russia has not delivered a more forceful cyber blow. It may have concluded that the impact would not be severe enough: Ukraine’s industrial base is much less digitalized than that of Western countries, for example.

It is also possible that Russia decided that it could not do serious damage to Ukraine without risking collateral impact outside its borders.

Many cybersecurity experts believe that the Kremlin, at least for now, prefers to keep Ukraine’s communications open for its intelligence value.

Whatever the reason, the early days of the conflict are marked by low-level cyberattacks that appear to be carried out by both independent professionals and state entities.

Before the invasion, hackers disabled or altered Ukrainian government websites. Now, an army of hackers—some organized online by the Security Service of Ukraine (SBU)—are taking credit for taking down and disabling Russian media and government sites.

A volunteer group calling itself the Ukrainian IT Army has more than 230,000 followers on a Telegram channel and posts a running list of targets for hackers, including Russian banks and cryptocurrency exchanges.

On Monday, Ukraine’s SBU made its recruitment of allied volunteer hackers official.

“The cyber front is open. Help Ukrainian cyber experts to hack the occupiers’ platforms,” it said on its Telegram channel, asking for advice on vulnerabilities in Russian cyber defenses, including software flaws and access credentials.

“This is the first time that a state has openly called on its citizens and volunteers to cyberattack another state,” said Gabriella Coleman, a Harvard anthropology professor who has studied the rise of hacktivism.

The initiative mirrors the trust that Ukraine places in its citizens in other areas of defense.

“It is not surprising that Ukraine resorts to all kinds of measures to fight the Russians, a much stronger enemy. Just as civilians are coming out to fight in the streets, it’s also not surprising that they’re trying to rally civilians to support through the digital space,” said Gary Corn, a retired Army colonel who served as general counsel to U.S. Cyber Command.

A hacking group that came to light last year, the Belarusian Cyber Guerrillas, claimed on Monday to have disrupted some rail services in Belarus, Ukraine’s northern neighbor from which various factions of the Russian military were attacking. The group has attempted to thwart Russian troop and equipment movements through Belarus.

Sunday’s digital sabotage by the Cyber Guerrillas paralyzed Belarusian train traffic for 90 minutes, Sergey Voitekhovich, a former Belarusian railway worker who runs a railway-related Telegram group, told The Associated Press. He said e-ticket sales were still down Monday night.

The Cyber Guerrillas hack was intended to disrupt the movement of Russian troops in Belarus, the second such action in just over a month.

According to Voitekhovich, the current attack delayed two Russian military trains bound for Belarus from the Russian city of Smolensk. His version could not be independently verified. Voitekhovich spoke to the AP from Poland. He said that pressure from the police forced him to leave Belarus.

Pro-Russian ransomware criminals belonging to the Conti gang promised through the gang’s dark web site to “use all possible resources to hit back to the critical infrastructure of the enemy” if Russia was attacked. Ransomware is software with which criminals demand payment to release stolen and encrypted data. Shortly after, sensitive chat logs that appear to belong to the gang were leaked online.

As supporters on both sides promise more serious cyberattacks, experts say there are real risks of the situation spiraling out of control.

“De-escalation and peace will be too difficult on their own without accounting for outside hacking,” said Jay Healey, a Columbia University cyber conflict expert who has long opposed the private sector “hacking back” against Russian or other state-sponsored cyber aggression.

Further complicating matters are possible “false flag” operations in which hackers pose as someone else to launch an attack, a specialty in cyber conflict. Attribution in cyber attacks is almost always difficult and could be even more difficult in the fog of war.

Some cyberattacks have already had consequences: several hours before the start of the Russian invasion, Ukrainian digital infrastructure was hit by destructive cyberattacks that damaged hundreds of computers with “wiper” malware, which erases information from affected devices. The victims included a financial institution and organizations with offices in neighboring Latvia and Lithuania, according to cybersecurity researchers.

In a statement, Microsoft Chairman Brad Smith said Monday that such attacks on civilian targets “raise serious concerns under the Geneva Conventions.”

Smith noted that the cyberattacks, like a series of similar attacks recorded in mid-January, “have been precisely targeted, and we have not seen the indiscriminate use of malware that spread through the Ukrainian economy and beyond its borders in the 2017 NotPetya attack,” referring to a “wiper” that caused more than $10 billion in damage globally by infecting companies doing business in Ukraine with malware delivered via an update to software used for tax management.

The West blames the GRU, the Russian military intelligence agency, for that attack, as well as some of the most damaging cyberattacks on record, including a pair in 2015 and 2016 that briefly took down part of the Ukrainian power grid.

So far, there has been nothing like it in this conflict, but experts say it could come.

“I have been pleasantly surprised so far … that Russia has not launched more major cyberattacks against Ukraine,” Senate Intelligence Committee Chairman Mark Warner said at an event on Monday. “Do I expect Russia to raise its level of play in the cyber realm? Of course.”
