Vladimir Putin debuts An illegal, aggressive attack on Ukraine last night left dozens of soldiers dead and sent panic around the world. Russian forces are bombing cities across Ukraine, with countless civilians in the shooting chainas people escape capital in Kyiv. Cyberattacks are also beginning to amplify chaos and devastation: Wiper . attacks fight a Ukrainian bank and system of Ukrainian government contractors in Latvia and Lithuania; The websites of the Ukrainian government are type offline; and Kyiv Post the site has been continuous attack since the Russian attack.
Although the exact perpetrators of these cyberattacks are still unknown, much of the public discussion about cyberthreats has focused on Russia’s military and intelligence agencies: from stories about military cyber attacks cover of Ukraine prepares against them. The same thing was repeated on the government side, with the White House press conference and other sessions dominated by discussion of the cyber capabilities of Russian government agencies. However, the Putin regime has a broader network of unnamed actors, from cybercriminals to front organizations to patriotic hackers, that it can and has also exploited. its advantage. Failure to acknowledge these threats overlooks part of the enormous damage Russia can do to Ukraine.
There is no doubt that the Russian state has sophisticated cyber capabilities with a track record of destruction. SVR, Russia’s foreign intelligence agency, is involved in a number of espionage and data theft campaigns, from Violating SolarWinds in 2020 (victims range from government agencies to large corporations) to steal information from the developers of the Covid-19 vaccine. For years, Russia’s military intelligence agency, the GRU, has carried out destructive cyberattacks ranging from NotPetya ransomware potentially costing billions of dollars globally, to shut down the power grid in Ukraine, just last week, launched a distributed denial of service attack against Ukrainian banks and the country’s defense ministry.
However, Moscow can also open up an even larger, more complex, and often opaque proxy network that subjects are willing to hack and attack on behalf of the regime. Kremlin involvement with these groups change and may fluctuate over time; it may finance, endorse, waive, recruit or employ these actors on an ad-hoc basis. Part of the reason Moscow guard or turning a blind eye to cybercrime is an economic act — cybercrime brings in a lot of money — but it’s also because the state can make them do their dirty bidding.
For example, Biden administration punished Cybersecurity company Positive Technologies is based in Russia in April 2021 for allegedly provided hacking tools attacking Russian intelligence agencies. The organization said the organization also held “large-scale conferences” through which the FSB and GRU recruited hackers. Judicial apply to court made public in 2020, to give another example, includes Russian hacker Nikita Kislitsin describing how the FSB worked with an unnamed criminal hacker to gather “intrusive information” about individuals . FSB and Ministry of Defense recruit many such individuals and organizations to conduct cyber operations for them. And sometimes, it’s just Putin letting the hackers do their thing, and then celebrating their crimes. In 2007, pro-Kremlin youth group Nashi responsibility for launching DDoS attacks on Estonia. Ten years later, Putin so ranging from “patriotic hackers” to “artists”, claiming that some may be engaged in a “just war against those who slander Russia.”
If these threats seem confusing and overwhelming, that’s exactly the point, and that’s exactly what makes the threat to Ukraine so serious. This network web proxy gives Moscow the possibility of denial and concealment, and the ability to launch combinations of operations and attacks without the Russian flag clearly attached. Even if the attacks are ultimately linked to Moscow, there may be periods where the Russian government can deny involvement, and there are still people abroad and at home who will believe the claims. of the mode. In 2014, this logical denial (im) was part of the Putin regime’s invasion of Ukraine, with Moscow’s backing. collective hacking like Cyber Berkut perform defeat in Ukraine (because Ukrainian groups also attacked Russian targets); The UK’s National Cyber Security Center has speak Cyber Berkut is affiliated with the GRU.
More alarming remains the fact that Russian state and authorized hackers are not solely based in Russia. There are growing signs that Moscow is deploying, stationing, or leveraging both state and authorized hackers abroad to carry out operations from within other countries. In 2018, a magazine of the Czech Republic bankrupt One story alleging that Czech intelligence has identified two local IT companies purportedly set up to run cyber operations for Russia — and that these companies even shipped their equipment with Russian diplomatic vehicle. Looks like Belarus is become a collaborator for the cyber operations of the Kremlin, or at least the premises of the Russian government. Even in terms of information operations, the notorious Internet Research Agency has open unmarked offices in Ghana and Nigeria.
