• Eyal Pinko

Russia's Cyber Attacks in Ukraine

In the heart of the Ukrainian winter, Kyiv has become a ruthless battlefield in the last two days, similar to other cities in Ukraine. Russia invaded with a large military force, including a combined operation of infantry, armor, artillery, air, and sea.

Along with its military power, the Russian military launched other moves as part of a comprehensive combat doctrine known as "hybrid warfare." This doctrine combines classic military efforts with the use of "soft" power, which aims to achieve military and political goals without military force.

For example, in this context, the Russian intelligence operates agents on Ukrainian soil, whose missions are to support the pro-Russian population and conduct guerrilla operations against the Ukrainian army, including firing anti-tank and anti-aircraft missiles. This campaign was also joined by Chechen assassins, who are seeking to hunt down and eliminate the Ukrainian president.

At the same time, Russian intelligence is conducting a comprehensive psychological warfare campaign - influence operation - designed to sow fear and chaos among the local population, influence the Ukrainian leadership and encourage pro-Russian Ukrainian to act against the government. The influence operation is also aimed towards the United States and NATO to create deterrence. The operation started about two months ago and uses all the media, internet, and social networking infrastructure.

But the most prominent component in Russian hybrid warfare is cyber warfare.

Like the 2014 campaign, Russia operates an extensive cyber-attack array, partly based on the Russian intelligence capabilities and partly on pro-Russian hacker groups, which have advanced attack capabilities. It should be noted that the Russian hacker groups have been carrying out many successful cyberattacks against Europe, the United States, and even Israel for long years.

The purpose of the Russian cyberattack groups is to attack the critical national infrastructures in Ukraine, including electricity, water, healthcare, banking, railways, communications networks, and other critical national infrastructures.

Attacking and shutting down Ukraine's national infrastructure helps the Russian military disrupt the Ukrainian military's defensive capabilities, disrupts command and control systems, impedes the ability to provide vital services to civilians (including electricity and health services), and wreaks havoc on all.

For example, in the first cyberattack, on January 14, about 70 Ukrainian government sites were attacked and shut down, including the website of the Ministry of Education and the Ministry of Defense. The Russian attackers left a message for users when accessing the sites: "Ukrainians - all information about you is now public. You must be afraid and expect the worst!". In addition, the Russian attack included disabling access to servers of government ministries and vital organizations.

The various kinds of Russian cyberattacks directed against Ukraine, NATO countries, the European Union countries, and the United States have already begun to be identified. The attacks are directed against governmental websites, banks, trains, and more.

NATO's concerns over Russian cyber activity was emphasized on Friday, February 25, by the NATO Secretary-General, who said at a press conference that "Russia's cyberattacks on NATO allies may be the ground for enforcing Article 5." Article 5 is the mutual defense clause of Allies, allowing an armed response to the extent of the use of force against one of the states.

It is recommended that the EU countries immediately increase monitoring and awareness of vital systems in the country to prevent damage to the critical national infrastructure due to the Russian response to EU acts.

257 views0 comments