It's been a few years since Russia invaded Ukraine and the war doesn't seem to be coming to an end any time soon. It's resulted in a wide range of consequences globally across many industries. Here at SCS, cybersecurity is our bread and butter, so let's view it from that lens.
How is cybersecurity related to a large scale ground invasion involving soldiers, tanks and missiles? The link is more obvious than you would assume. According to the United States Department of Defense, Russia invaded Ukraine on February 24, 2022. Almost as soon as the first boots hit the ground, a volley of cyber attacks began to affect Ukrainian government, finance and energy infrastructure. These included compromising Ukrainian authorities' websites to push news of a false surrender, jamming Ukraine's connection to SpaceX's Starlink satellite, and causing countrywide internet outages. All of this happened within March of the same year.
In April of 2022 (just two months after the beginning of the war), Russian intelligence actors attempted to deploy malware against high-voltage substations in Ukraine in attempt to cut power off to many parts of the country.
A month later, the Ukrainian Ministry of Foreign affairs was allegedly infiltrated by a group of Russian hackers calling themselves XakNet who released sensitive documents online.
This is only a few of the cyber attacks credited to Russia during the war with a myriad of others occurring across the globe. Others include cyber espionage attempts against members of NATO as well as Finland and Sweden, who applied for membership just after the war began.
In response, a number of hacktivists acted in support of Ukraine. Notorious hacktivist group Anonymous participated in a number of cyber operations against Russia including DDoS operations and hacking Russian state television. In addition to the hacktivists' efforts, over 400,000 volunteers have amassed to help protect Ukrainian networks.
Surprisingly, one of the most prominent players in NATO's response to Russian cyber attacks in Ukraine was Microsoft. At the behest of the United States Deputy National Security Advisor, Microsoft began to neutralize Russian malware targeting Microsoft products utilized in the Ukrainian effort. Multiple national agencies have also released security alerts and efforts within their respective countries. For example, Canada's Communications Security Establishment released a number of reports detailing Russian disinformation campaigns as well as a call to action to the population to report security compromises.
As the war continues years later, one thing is becoming apparent. With the involvement of Starlink in ground operations and disinformation creating a tangible effect that quickly ripples onto the battlefield, protecting data and cyber infrastructure will be an inseparable part of warfare for the foreseeable future. Cybersecurity continually entrenches itself as a necessity economically, politically and, now, militarily.
Citation
Liu, S. (2022, August 7). Cyberattacks and the Russian war in Ukraine: the role of NATO and risks of escalation - Georgetown Journal of International Affairs. Georgetown Journal of International Affairs. https://gjia.georgetown.edu/2022/08/08/cyberattacks-and-the-russian-war-in-ukraine-the-role-of-nato-and-risks-of-escalation%EF%BF%BC/
Duguin, S., Pavlova,P. The role of cyber in the Russian war against Ukraine: Its impact and the consequences for the future of armed conflict https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/702594/EXPO_BRI(2023)702594_EN.pdf
U.S. Department of Defense. (n.d.). Support for Ukraine: Timeline. https://www.defense.gov/Spotlights/Support-for-Ukraine/Timeline/