How a Russian cyberwar in Ukraine could spread globally


Unintended consequences?

The ripple effects for the rest of the world may not be limited to intentional retaliation by Russian agents. Unlike old-fashioned warfare, cyber warfare is not confined by borders and can more easily spiral out of control.

Ukraine has been the target of aggressive Russian cyber operations for the past decade and has suffered invasion and military intervention from Moscow since 2014. In 2015 and 2016, Russian hackers attacked Ukraine’s power grid and shut down the lights of the capital, Kiev. — acts without precedent that have not been committed anywhere else before or since.

The 2017 NotPetya cyberattack, again ordered by Moscow, initially targeted private Ukrainian companies before spreading and destroying systems around the world.

NotPetya posed as ransomware, but in fact, it was a purely destructive and highly viral piece of code. The destructive malware seen in Ukraine last week, now known as WhisperGate, also pretended to be ransomware while aiming to destroy key data that renders machines inoperable. Experts say WhisperGate is “remindingfrom NotPetya, to the technical processes that lead to destruction, but that there are notable differences. For one thing, WhisperGate is less sophisticated and isn’t designed to spread the same fast. Russia has denied any involvement and there is no definitive link to Moscow.

NotPetya has crippled seaports and left several giant multinational corporations and government agencies unable to operate. Almost everyone who has done business with Ukraine has been affected because the Russians secretly poisoned the software used by everyone who pays taxes or does business in the country.

The White House said the attack caused more than $10 billion in damage worldwide and called it “the most destructive and costly cyberattack in history.”

Since 2017, a debate has been ongoing over whether the international casualties were simply unintended collateral damage or whether the attack targeted companies doing business with Russia’s enemies. What is clear is that it can happen again.

Accident or not, Hultquist predicts we’ll see cyber ops from Russia’s military intelligence agency GRU, the organization behind many of the most aggressive hacks ever, both inside and out. outside Ukraine. The GRU’s most notorious hacking group, dubbed Sandworm by experts, is responsible for a long list of greatest successes, including the Ukrainian power grid hack in 2015, NotPetya hacks in 2017, interference in American and French elections and the hacking of the opening ceremony of the Olympic Games in stride. of a Russian doping controversy that left the country locked out of the games.

Hultquist is also looking for another group, known to experts as Berserk Bear, which comes from the Russian intelligence agency FSB. In 2020, US officials warned the threat the group poses to government networks. The German government noted the same group had secured “long standing compromises” in the companies by targeting the energy, water and electricity sectors.


Source link

Leave a Reply

Your email address will not be published.