Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Endpoint Security
Ukraine Fighting First-Ever 'Hybrid War' - Cyber OfficialBut 'Cyber War Can Only Be Ended With the End of Conventional War,' Official Says
As Russia's ground invasion and air assault against Ukraine continues, so too do online attacks being launched against Ukrainian websites, backed by Moscow-led disinformation campaigns.
See Also: Webinar | How the SASE Architecture Enables Remote Work
Ukrainian cybersecurity official Viktor Zhora says his country is fighting the first-ever "hybrid war" that bridges both the physical and online realms.
Ukraine's government websites and infrastructure providers faced repeated probes and distributed denial-of-service attacks before Russa's overland invasion on Feb. 24, and Zhora, who's deputy chairman of Ukraine's State Service of Special Communications and Information Protection, says those disruptions have continued.
The country has also been targeted with wiper malware, and officials say at least one Ukrainian bank has been the focus of an attempted border gateway protocol hijacking.
Ukraine Reports Nonstop Online Attacks
"Russian hackers keep on attacking Ukrainian information resources nonstop," Ukraine's SSSCIP reported Saturday.
It says that "since the beginning of invasion, DDoS attacks have been primarily aimed at the resources of Verkhovna Rada" - the legislature - as well as the "Cabinet of Ministers, President of Ukraine, Defense Ministry and Internal Affairs Ministry."
Russian hackers keep on attacking Ukrainian information resources nonstop
Since the beginning of invasion, DDos attacks have been primarily aimed at the resources of Verkhovna Rada, Cabinet of Ministers, President of Ukraine, Defense Ministry and Internal Affairs Ministry— SSSCIP Ukraine (@dsszzi) March 5, 2022
Cybersecurity experts have been watching for a repeat of Russian attacks that cut power to parts of Ukraine in the winter of 2015 and again in 2016, or for an attack similar to NotPetya in 2017. That wiper malware, spread via a legitimate Ukrainian software developer's update server, spread globally, causing commercial damage of up to $10 billion.
But at least so far, Russian President Vladimir Putin doesn't appear to have ordered all-out cyberattacks aimed at disrupting critical infrastructure, or that have the potential to spread globally (see: Why Hasn't Russia Launched a Major Cyberattack on Ukraine?).
Russia's military instead appears to remain focused on using troops on the ground, backed by bombs, missiles and artillery. Officials say the military has also been striking civilian targets across multiple Ukrainian cities, in violation of international law. Efforts to facilitate residents' evacuation from multiple cities have been hampered by Russian forces failing to honor temporary ceasefire agreements.
Ukraine continues to fight not just on the ground and in the air, but also online. "This is happening for the first time in history and I believe that cyber war can only be ended with the end of conventional war, and we will do everything we can to bring this moment closer," SSSCIP's Zhora said at a Friday press conference, the BBC reported.
Zhora said Ukrainian cyber defenders continue to repel attacks on the country's online services and infrastructure, and said that "they are not afraid of Russian" attacks focused on such critical infrastructure as power plants or nuclear facilities, the BBC reported.
Internet access remains shaky across Ukraine, due in part to continued bombing, says Britain's Ministry of Defense. "Ukrainian internet access is … highly likely being disrupted as a result of collateral damage from Russian strikes on infrastructure," it says. "Over the past week, internet outages have been reported in Mariupol, Sumy, Kyiv and Kharkiv."
Latest Defence Intelligence update on the situation in Ukraine - 07 March 2022
Find out more about the UK government's response: https://t.co/D3NG9b9zMX
#StandWithUkraine pic.twitter.com/lIjezjELsE— Ministry of Defence (@DefenceHQ) March 7, 2022
"Russia is probably targeting Ukraine's communications infrastructure in order to reduce Ukrainian citizens' access to reliable news and information," it adds.
Ukraine continues to receive assistance in defending its networks, including from the EU's Cyber Rapid Response Team.
The outside help continues to expand. On Monday, NATO's Cooperative Cyber Defense Center of Excellence, based in Tallinn, Estonia, which functions as a hub of cybersecurity knowledge, research, training and for exercises, announced that Ukraine has been admitted as contributing participant.
"Ukraine's presence in the center will enhance the exchange of cyber expertise between Ukraine and CCDCOE member nations," says Col. Jaak Tarien, CCDCOE's director.
Global Condemnation of Russia
Condemnation of Russia's Ukrainian invasion has been widespread.
On Friday, foreign ministers of the G7 countries - Canada, France, Germany, Italy, Japan, the U.K. and the U.S. - condemned "President Putin's unprovoked and unjustifiable war against Ukraine."
"Russia's blatant violation of the fundamental principles of international peace and security and the breach of international law have not gone unanswered," the ministers said. "We have imposed several rounds of far-reaching economic and financial sanctions. We will continue to impose further severe sanctions in response to Russian aggression, enabled by the Lukashenka regime in Belarus."
The ministers also decried Russia's widespread use of disinformation "to support its military aggression" against the country.
"Their steady stream of fabricated claims is putting additional lives at risk," they said, and said efforts to combat that disinformation remain underway.
Multiple state-sponsored Russian news sources that many would characterize as propaganda outlets - including RT and Sputnik - have been banned across Europe and dropped from numerous U.S. providers.
But officials say Moscow continues to carefully craft the view of the war being seen by Russians.
"To hide the truth from its own citizens, Russia's censorship agency has shuttered independent Russian media outlets, blocked social media, and restricted access in Russia to international news outlets," says White House National Security Council spokeswoman Emily Horne.
"We condemn the move by the Russian Federation Council to approve a law threatening prison sentences of up to 15 years for journalists and ordinary citizens that would spread so-called 'false' information about Putin's unconscionable war in Ukraine," she said.
Western officials have strongly criticized Russia for shelling a nuclear power station in Ukraine early on Friday, leading to a fire at a training facility located at the site. Officials say no radiation appears to have leaked.
Watchdog organization NetBlocks reported Sunday that the facility appeared to have been purposely disconnected from mobile network and internet connections.
On Sunday, the International Atomic Energy Agency confirmed that the plant was no longer internet-connected, in violation of core IAEA requirements.
"Reliable communications between the regulator and the operator are a critical part of overall nuclear safety and security," said IAEA Director General Rafael Mariano Grossi.
Update: The International Atomic Energy Agency says it can no longer get "reliable information" about #Zaporizhzhia Nuclear Power Plant following the disconnection of internet and telecommunications networks at the location, per reporter @ErinBurnett (h/t @Osinttechnical) https://t.co/HYjHX77Sev— NetBlocks (@netblocks) March 6, 2022
US Pledges Increasing Support
At a Saturday press conference held at the Poland-Ukraine border, U.S. Secretary of State Antony J. Blinken decried "Russia's war of choice" and said that support - "security support, humanitarian support, economic support" - would be increasing.
Speaking beside him, Ukrainian Foreign Minister Dmytro Kuleba said his country would triumph, but noted that "the question is the price - the price of our victory," which hinged on support being provided by other governments. He also decried NATO's refusal to establish a no-fly zone over Ukraine. Western government officials have stopped short of doing so, saying it would draw them directly into the conflict, since they would be faced with having to engage Russia's air force as well as anti-aircraft installations on the ground, potentially inside Russia and its ally Belarus.
"We want to do everything we can to make sure that that price is as low as possible and that this happens as quickly as possible, but we're in it with Ukraine one way or another," Blinken said. "The short-run, the medium-run, the long-run. We're in this together. We will succeed together. Ukraine is going to prevail."
U.S. President Joe Biden spoke with President Volodymyr Zelenskyy of Ukraine on Friday. The White House says Biden emphasized "the ongoing actions undertaken by the United States, its allies and partners, and private industry to raise the costs on Russia for its aggression in Ukraine."
On Friday, Visa and Mastercard announced that they would no longer allow any payment cards issued from inside Russia to be used to pay for goods or services outside the country. Multiple other companies and services, including Apple - and Apple Pay - as well as Google, Netflix, TikTok and others have also announced that their goods and services will no longer be available in Russia.