Cybersecurity A relentless barrage
The video may have been too clunky to fool everyone, but it demonstrated the lengths Russian or Russian- affiliated hacktivist groups will go to in order to frighten and destabilise Ukraine and its allies. Since the conflict began at the tail end of February 2022, Russian hackers have been striving to infiltrate and undermine the Ukrainian government and critical infrastructure. According to a European Parliament briefing document, CaddyWiper malware infiltrated the systems of several Ukrainian organisations in the governmental and the financial sectors in March 2022. Later that month, cyberattacks targeted Ukrtelecom and WordPress sites, causing connectivity collapse and restricting access to financial and government websites. Other successful infiltrations followed, but there is a consensus among cybersecurity experts and military intelligence analysts that Russia’s hacking operation has been more inconvenient than invasive, and not as devastating as many feared it could be. In the words of Lindy Cameron, CEO at the UK’s National Cyber Security Centre, we have not seen a “cyber armageddon”.
Of course, that does not mean that Russia and its allies have not been hard at work trying to execute nefarious schemes in cyberspace. As any military or intelligence operative knows, it is only when a subsequent breach occurs that the public finds out. “In the public domain, we tend to only read about the attacks that are successful,” says Ian West, chief of Nato’s Cyber Security Centre. “The reality of operating with today’s technology is that you see so many of these attacks every single day.”
As head of the centre – which is part of Nato’s Communications and Information Agency – West is responsible for “the entire lifecycle of the cybersecurity mission”. Together with a team of 250 experts, West spends his days defending Nato’s enterprise networks, whether in static headquarters, or on exercises or operations. The role encompasses a broad remit of responsibilities: from defining and designing cybersecurity solutions, through to their implementation and operating those cyber defences on Nato’s networks. Nato’s cybersecurity chief does not divulge how many threats have been uncovered on the Nato network since the start of the Russia-Ukraine conflict, but one can guess that Putin’s decision to invade his western neighbour has only exacerbated the level and frequency of attacks. “Against Nato networks, we see the entire spectrum of cyberattacks,” West says. “Every day, we see attempts to attack Nato systems, whether it’s from malicious software like a ransomware wiper, or other types of viruses and worms that are pretty indiscriminate and would attack your home computer. Then we also get more specific and targeted attacks from hostile nation states.” “Sometimes we see website defacements,” West adds. “An opponent will [attempt to] put a message on
your website, which can be particularly damaging depending on what type of operation we’re in.”
Bad actors on the world stage From a western perspective, Russia and its hacktivist allies have been sharpening their skills for some time. In 2007, after a diplomatic row over a Soviet war memorial with Russia, Estonia endured a series of cyberattacks on its parliament, banks, ministries, newspapers and broadcasters. Online banking services were temporarily defunct and government employees were unable to send emails.
In 2015 and 2016, Russia was almost certainly behind wide-ranging destructive hacks of Ukrainian electricity infrastructure. The US government concluded that a cyberattack caused a power outage in Ukraine which left 230,000 people temporarily without power. Then came NotPetya, a set of devastating malware attacks against the Ukrainian government and other commercial targets unleashed in 2017. Ukrainian ATMs froze, railway and postal systems were paralysed, and hospitals blacked out due to lack of power. As West explains, “the NotPetya cyberattacks were variations on ransomware” – the kind of malicious software that criminals use to worm into computer systems asking users to click a link or open an attachment. “The ransomware will encrypt every single bit of data with very high-grade encryption, so that the user can no longer get access to that data,” West says. “Then a message will pop up, which tells the user that their data has been encrypted.” Generally, the software will tell users to pay a certain amount of Bitcoin or fiat currency to get the key to decrypt their data. Ordinarily, that might be a couple of hundred dollars, but in the case of NotPetya, the damage was far more catastrophic. The malware shifted across the globe at light speed, inflicting $10bn in damage, making it the most wide-reaching and destructive cyberattack in history. Widely attributed to the infamous Sandworm hacking group – a cyber military unit within Russian military
Defence & Security Systems International /
www.defence-and-security.com
The NotPetya ransomware attack in 2017 was among the more notorious hacks to target Ukraine.
$10bn
The global cost of the damage caused by the NotPetya ransomware attack.
Tech Monitor 47
November27/
Shutterstock.com
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57
