Concerns were already long before Russia decided to invade Ukraine on Thursday, February 24th. Military operations initiated on the ground by the Kremlin were expected to be linked to online attacks. Therefore, two days before Russia’s invasion, the European Union deployed a monitoring and response team ready to protect Ukraine’s critical technological infrastructure from potential trends from neighboring countries or their allies. Same vigilance among French counterparts: “Current international tensions, especially between Russia and Ukraine, can have implications for cyberspace that must be expected.”, Warned the National Authority for Information System Security (Anssi) on Saturday. As for the United States, their cybersecurity agencies are still on high alert. “Strengthen defense” ((((“Shield up”) She continues to have a close relationship with the state-owned enterprise.
However, in reality, no major cyberattacks have been observed against Ukraine’s critical infrastructure, and we are currently witnessing unverifiable hacks and operational claims confusion that are extremely difficult to assess. I am doing it.
The most serious threat was due to malware discovered on the night of February 23-24, just before the Russian military invasion began. Nicknamed “Hermetic Wiper,” the virus is designed to erase the contents of infected computers for the signing of digital certificates that refer to a small company in Cyprus (denying involvement).
According to Bloomberg, at least three Ukrainian entities, including the Interior Ministry, have been affected by this. Wiper (Data Corruption Software), a source of information that tells US news agencies that data has been stolen from the ministry’s computer network before malware deletes it. Some companies specializing in computer security are also observing the combination of Hermetic Wiper and fake ransomware. Ransom memos released by multiple researchers do not match the signatures left by key known groups in operation. The attack has not yet been accurately identified, as we know that we can “clean up” traces of previous cyber espionage using wipers and fake ransomware.
Since then, Ukraine’s Minister of Digital Transition, Mihailo Fedorov, has been announcement Creation of “Ukrainian Computer Army”. It’s actually a telegram group that has been broadcasting a list of targets since Saturday, with more than 150,000 members launching denial of service (DDoS) attacks on Russian company sites such as Gazprom, media and government sites. Encourage you to do. The channel has also released a guide to flagging YouTube accounts on several Russian TV channels in large numbers. This initiative is also aimed at foreigners who want to participate in these attacks. It is impossible to estimate the actual impact of these computer attack calls, but it seems more like a communication operation by the Ukrainian government than the pursuit of strategic goals.
The other side is a group suspected of acting in agreement with Belarus’ interests, called UNC1151, alleging that Ukrainian authorities have conducted a phishing campaign targeting a specific number of Belarusian media, not just the military. Was blamed.
At the same time, unreliable groups, such as Internet users who claim to be drawn around anonymous nebulae, are currently having difficulty establishing their credibility, such as hacking into Russian television channels and broadcasting Ukrainian songs. Claims responsibility for action. The GhostSec group is often said to be close to anonymous because it claims to have hacked several Russian government sites on Telegram from Saturday to Sunday night.Conti, a major cybercriminal group suspected of working from Russia, claimed on its official website on Friday. Full support for the Russian governmentBefore taking a step back by refuting the alliance with the government, while continuing to threaten the Western entity. Over the weekend, a database was brought online that was presented as being hacked by hackers in support of Ukraine in relation to Russia’s interests, but could not confirm the authenticity or importance of the data.
Recent digital skirmishes remain far from being comparable in scale to other attacks in Ukraine by pro-Russian groups or groups related to the Russian state in recent years. In 2017, the country was the first malware to bear the brunt of NotPetya malware, and its creation and use is attributed to Russia by the majority of experts. This wiper-type malware began by paralyzing Ukraine and thousands of companies, banks, supermarkets, and even public services at gas stations, and spread to other countries, including Russia, with total damage worth $ 10 billion. I did. Recently, in mid-January, Microsoft discovered malware targeting the infrastructure of the official Ukrainian website.
Recent attacks and claims appear to be even more accidental, as Russian military means deployed on the ground are important. The number of victims of this violent conflict is currently very difficult to assess. A report released by the Minister of Health of Ukraine on Saturday reported the deaths of 198 civilians, including three children, but there is no time to say that Russia has no losses. In addition, announcements by non-state groups and denial of service attacks by sympathizers are widely publicized, but do not mention any potential more sensitive and cautious activities carried out by services and allies in Ukraine as well as Russia. not.
But reality emerges from a dump of this behavior with more or less credible claims. It’s the reality of a fierce propaganda war on social networks. Manipulated images observed over the weeks and attempts to influence the Russians are a continuation of messages and images aimed at emphasizing the courage and resilience of the Ukrainian people and demoralizing the attackers. It corresponds to the flow. In this way, a site with edited images of dead or captured Russian soldiers is online, and official Ukrainian accounts are constantly broadcasting messages and videos. Praise the effectiveness of the armed forces against invaders..
Russia has recently not hesitated to take very strict censorship measures against the media or participate in a confrontation with Facebook to force social networks to stop moderating messages. Published by the Russian state media. As if Russia believes that the conflict, which is very widely condemned by the overwhelming majority of the world’s nations, must take place in the management of information as much as it would carry out a cyberattack on Ukrainian territory. ..
A selection of articles about the Ukrainian crisis