What does the current cyberwar in Ukraine look like?
Posted: Mon Dec 09, 2024 9:28 am
Cyberattacks since 2015
It is noteworthy that cyber hostilities began long before the ground offensive. Many analysts believe that Ukraine has been used by its neighbouring country as a “ laboratory” – and specifically to develop its cyber capabilities, starting with the invasion of Crimea in 2014-2015.
Russia then attacked Ukraine's power grid , depriving nearly 250,000 citizens of electricity.
Meanwhile, the NotPetya malware was launched in 2017 to infect list of bolivia whatsapp phone numbers computers in Ukraine's financial sector . But it quickly spread internationally , affecting major multinationals such as Maersk, WPP and Merck. In total, it caused more than $10 billion in damage .
The United States has charged several members of the Sandworm hacker group for their alleged involvement in the cyberattack. Sandworm is no stranger to the cybersecurity field. The group, also known as oodoo Bear or BlackEnergy, is a subsidiary of the GRU , Russia's military intelligence agency.
January 2022: hostilities resume
Hostilities in cyberspace have been renewed since mid-January this year . The National Security and Defense Council of Ukraine reported that 70 government websites had been subjected to cyberattacks attributed to a group of hackers linked to Belarusian intelligence services.
This attack appeared to be linked to the intrusion of ransomware (which is a type of software that blocks access to data or software on a computer system in order to extort a ransom in exchange for restoring it). But the malware didn’t just block certain services, according to Microsoft. It also destroyed data, leading it to be reclassified as a “ wiper .” Wipers are malicious software that erase data.
On February 24, cybersecurity firm ESET reported that they had discovered a new wiper , called HermeticWiper . It apparently infected hundreds of Ukrainian computers. Symantec later announced that the malware infected companies in Lithuania and Latvia. This spread beyond Ukraine’s borders has raised fears that these threats could reach other countries through many firms’ international supply chains.
That same week, a DDoS (Distributed Denial of Service) attack was launched against the websites of several Ukrainian ministries and banks. The hackers who carried out this attack flooded these websites with access requests in order to overwhelm them and cause them to crash.
It is noteworthy that cyber hostilities began long before the ground offensive. Many analysts believe that Ukraine has been used by its neighbouring country as a “ laboratory” – and specifically to develop its cyber capabilities, starting with the invasion of Crimea in 2014-2015.
Russia then attacked Ukraine's power grid , depriving nearly 250,000 citizens of electricity.
Meanwhile, the NotPetya malware was launched in 2017 to infect list of bolivia whatsapp phone numbers computers in Ukraine's financial sector . But it quickly spread internationally , affecting major multinationals such as Maersk, WPP and Merck. In total, it caused more than $10 billion in damage .
The United States has charged several members of the Sandworm hacker group for their alleged involvement in the cyberattack. Sandworm is no stranger to the cybersecurity field. The group, also known as oodoo Bear or BlackEnergy, is a subsidiary of the GRU , Russia's military intelligence agency.
January 2022: hostilities resume
Hostilities in cyberspace have been renewed since mid-January this year . The National Security and Defense Council of Ukraine reported that 70 government websites had been subjected to cyberattacks attributed to a group of hackers linked to Belarusian intelligence services.
This attack appeared to be linked to the intrusion of ransomware (which is a type of software that blocks access to data or software on a computer system in order to extort a ransom in exchange for restoring it). But the malware didn’t just block certain services, according to Microsoft. It also destroyed data, leading it to be reclassified as a “ wiper .” Wipers are malicious software that erase data.
On February 24, cybersecurity firm ESET reported that they had discovered a new wiper , called HermeticWiper . It apparently infected hundreds of Ukrainian computers. Symantec later announced that the malware infected companies in Lithuania and Latvia. This spread beyond Ukraine’s borders has raised fears that these threats could reach other countries through many firms’ international supply chains.
That same week, a DDoS (Distributed Denial of Service) attack was launched against the websites of several Ukrainian ministries and banks. The hackers who carried out this attack flooded these websites with access requests in order to overwhelm them and cause them to crash.