The world came to a standstill last night as news broke that Russian forces were invading further into Ukraine, attacking the capital city of Kyiv and surrounding areas.
U.S. senior officials now reportedly expect Kyiv to fall “within days,” according to Newsweek.
As the war on the ground continues to escalate, security researchers believe that Russian cyberattacks targeting Ukraine will be increasingly devastating.
Digital Shadows released a report breaking down the terrifying situation unfolding before our eyes. Researchers discuss what has already happened on the cyber front of the war:
“Malicious cyber-action has coincided with Russia’s military forces entering Ukraine. On 23rd Feb 2022, it was reported that a wave of DDoS attacks had occurred against Ukrainian government websites and banks. In addition, new data wiping malware was discovered on hundreds of devices on Ukrainian networks.
In some instances, researchers found that the malware had been compiled in December 2021, indicating that the attack had been planned significantly in advance; other research identified that the malware—which has been named ‘HermeticWiper’ by researchers—was deployed directly from Windows domain controllers, suggesting access may have been acquired for some time prior.”
Now that Russian military troops are in Ukraine, everyone’s question is what happens next?
U.S. President Biden today announced severe economic sanctions against Russian banks and elites in hopes of damaging the country’s economy to the point where they pull back from Ukraine.
Digital Shadows thinks the next big move will come in some form of cyber warfare:
“Malicious cyber-action coming from Russia is likely to precede any further invasion. Cyber-attacks could extend out of Ukraine, and impact NATO and EU member states; this has already been observed with Hermetic Wiper impacting networks in Latvia and Lithuania. NotPetya, notorious for its global spread in 2017, immediately springs to mind.
It is also realistically possible that the financial services, energy, and oil & gas sectors in particular are under an increased risk from Russian aligned threat actors. Targeting oil & gas in Europe, for example, could serve to cause concern among nation-states dependent on Russian energy.
Russia-based cybercriminals may also be emboldened or otherwise encouraged by Russia’s actions. This week, the FBI warned organizations of an increased threat from ransomware operations; it is realistically possible that, despite recent Russian crackdowns against cybercriminals, they may deem NATO-based targets, or organizations based in NATO countries, as viable.”
Hitesh Sheth, President and CEO of Vectra, discusses how cyberattacks will play a large role in the invasion of Ukraine:
“The war we see on TV is only a fraction of the conflict. Cyber weapons are doing at least equal damage to Ukrainian computer networks, particularly financial and military systems. We will never have more vivid proof that offensive cyber action is now a first-strike tactic, on a par with kinetic warfare.
The sobering difference: conventional war is waged between nation states. Cyber war poses severe risk to private interests, however reluctant and unwilling they are to become combatants. Escalating cyber conflict can lead to unanticipated consequences and casualties. Nobody is assured of remaining a mere spectator.
To that end, no public or private organization can afford complacency about the events we are watching in real time. They prove the alarming point that antiquated cyber defenses centered on perimeter protection will fail under fire. Security begins at home, and private interests cannot rely on state-sponsored protection. They must audit and reinforce cyber defenses and prioritize AI-augmented detection and response. Doing so will contribute to stability in a worrisome time.”
While announcing the sanctions today, President Biden noted that no U.S. troops would sent to Ukraine to fight against Russia. Though a physical response might be off the table, for now, a strategic cyberattack could certainly be in play.
The President has reportedly been presented with a number of options for cyberattacks designed to disrupt Russia’s military efforts in Ukraine, according to NBC News.
NBC News reports:
“The sources said the options presented include pre-emptive responses to Russia’s invasion of Ukraine, irrespective of whether Russian launches its own cyberattacks on the U.S. in retaliation for sanctions. They said most of the potential cyberattacks under consideration are designed to disrupt but not destroy, and therefore fall short of an act of war by the United States against Russia. They say the idea is to harm networks, not people.
Officials are debating the legal authorities under which the attacks would take place—whether they would be covert action or clandestine military activity. Either way, the U.S. would not publicly acknowledge carrying out the operations, the sources say. U.S. Cyber Command, the National Security Agency, the CIA and other agencies would have a role to play in the operations, the sources said.”
The world watches as nations decide how to respond to Russia’s aggression.
Follow the SecureWorld News page for updates related to cybersecurity and cyberwarfare.