In the days and weeks leading up to Russia’s 24 February military invasion of Ukraine, Russia took to cyberspace to infiltrate and in some cases destabilize networks within its neighbouring country.
Reports of Distributed Denial of Service (DDoS) attacks allegedly initiated by Russia surfaced the week before the invasion, flooding the networks of Ukraine’s defence ministry and two banks. The attacks against the banks were launched in two waves, with the first interrupting service. The second stage involved text messages to clients telling them the bank was no longer functioning.
History of suspected Russia cyber attacks on Ukraine
And there are indicators that Russia had breached Ukraine’s months before and was lying in wait to attack, installing data wiper malware on hundreds of computers In Ukraine. The wiper malware can delete all files from a computer, essentially making the computer unusable.
Russia has not taken responsibility for any of these breaches but there is a years-long history of cyberattacks against Ukraine in which the country is a prime suspect. Going back as far as 2014 after Russia annexed the Crimean peninsula from Ukraine, the Ukrainian government has accused Russia of breaching its systems including multiple attacks against its power grid.
There are also reports that some Russia citizen vigilante hackers are currently working in concert to destabilize Ukrainian systems via DDoS.
Ukraine cyber fight back
However, just as Ukraine continues its fight on the ground, its government has asked for IT security experts to both help its efforts to defend critical infrastructure and to wage cyber attacks against Russian systems.
Hackers outside the country are also lending support to the besieged nation. Attacks launched against the Russian systems responsible for running the countries trains slowed down transport and interrupted ticket buying. The effort was designed to interfere with the transport of troops to Ukraine.
The hacktivist group Anonymous also declared cyberwar on Russia, bringing down three of the country’s news sites. All this underscores what a powerful and potentially damaging weapon cyberattacks are in the modern warfare.
Disinformation has also come into play as a weapon. Meta, Facebook’s parent, identified and disabled 40 accounts created in recent days using AI to create fake online identities in order to disseminate potentially incendiary information about Ukraine. It remains to be seen what impact these cyberattacks and counter attacks will have the military battles on the ground. But this will certainly translate into many lessons learned that is applicable to both public and private sector entities going forward.