An Overview of Russian–Ukrainian cyberwarfare | by Vishnuaravi | Jun, 2022

This article evaluates the ongoing cyber war between Russia and Ukraine and the lessons that it offers in the emerging domain of cyber warfare.

Today, cyberspace has already emerged as the fifth dimension of warfare. Traditionally there were three dimensions of warfare: land, sea, and air. With advances in space technology, outer space became the fourth dimension, and now, with advances in cyberspace and with cyber tools becoming a part of our day-to-day lives, cyberspace has emerged as the fifth.

Today, almost every major country, along with its armed forces and intelligence agencies, has developed significant cyber capabilities and is capable of conducting both offensive and defensive cyber operations. There are also non-state actors who engage in cyber wars, including cybercriminals and terrorist groups, and they could either be acting on their own or acting as proxies for state actors.

So today these elements are deploying offensive and defensive cyber weapons to not just carry out espionage and spy on their targets for classified information, but they’re also looking to engage in offensive warfare, where they try to bring down the critical infrastructure of the target countries.

Today, it is possible in the cyber domain to bring down a country without firing a single bullet. A country’s critical infrastructure, such as airports, railway networks, communication systems, satellites, power plants, the banking and financial system, and the critical infrastructure of the armed forces and the government, can be entirely brought down and crippled by effectively employing offensive cyber weapons. This is exactly what has been playing out between Russia and Ukraine, which have been facing hostilities since at least 2014. In fact, studies have shown that since Russia annexed the Crimean peninsula from Ukraine, both sides have been engaging in a series of cyber attacks against each other, with Russia clearly having an edge over Ukraine.

Russian armed forces and intelligence agencies are said to have developed significant cyber capabilities, and between 2014 and 2020 several significant cyber attacks took place against Ukraine’s critical infrastructure. These attacks not only defaced regular Ukrainian websites but also brought critical Ukrainian government facilities under attack by employing ransomware such as Petya and NotPetya, malicious software designed to lock up the computers that control critical infrastructure, after which the attackers would demand a ransom to unlock them.

Even though these ransomware attacks look like financial crime, further study showed that the Petya and NotPetya ransomware attacks were eventually linked to Russian proxy actors who were probably attacking Ukraine at the behest of Russian intelligence in order to weaken and destabilize Ukraine. These cyber-attacks have increased since 2021 and 2022, and over the last few months, especially after Russia invaded Ukraine, a series of major cyber incidents has been reported. Apart from regular website defacement and ransomware attacks, the attackers have gone one step further and unleashed Distributed Denial of Service (DDoS) attacks against key Ukrainian websites.

Western intelligence agencies have also noted that Russian intelligence and the Russian armed forces have deployed several proxy cyber groups to carry out cyber attacks against Ukraine on their behalf. Reportedly, cyber groups linked with Belarus, a key ally of Russia, have also been aiding Russia in carrying out these cyber attacks against Ukraine as well as against a few Western targets. These Russian attacks have been countered by pro-Ukrainian and anti-Russian cyber groups such as Anonymous, Lizard Squad, and other highly secretive non-state cyber organizations. Many of them are believed to be funded by Western intelligence agencies to help defend Ukraine against these attacks and also to target Russia with tit-for-tat cyber attacks. Russian intelligence agencies such as the FSB and GRU are known to have developed significant cyber weapon capabilities, and they also reportedly work with non-state proxy groups to launch these devastating cyber-attacks against Ukrainian infrastructure.

So this brings into question the role of cyber wars and cyber espionage in today’s conflicts and how they are changing the very face and nature of conflicts.

So now the question is to what extent is India prepared for the future of warfare, which is going to be hybrid, and without a doubt, cyberspace is going to play a critical role in the future of every conflict.

India on its part has created legal and institutional mechanisms to defend itself against cyber attacks and of late has also been trying to build up its cyber offensive capabilities to even launch offensive cyber attacks against target countries. India has long been a target of cyber attacks and has often seemed to be falling behind the curve when it comes to adapting to the rapid developments taking place in the cyber domain. But today, through the IT Act and subsequent amendments to it and to the national cybersecurity policy of 2013, India has created a legal framework that is necessary to deal not just with cybercrimes, but also with cyber wars and cyber espionage.

Along with this, India has taken a number of institutional measures, such as the establishment of CERT-In (Computer Emergency Response Team India) to defend India’s cyberspace, particularly the civilian cyberspace, from all forms of cybercrimes and cyber-attacks. Apart from CERT-In, India has also established the National Critical Information Infrastructure Protection Centre (NCIIPC) as a dedicated cybersecurity institution to defend India’s critical information infrastructure. India has also set up the National Cyber Coordination Centre (NCCC) under CERT-In itself to act as a coordinating platform between the various concerned agencies to protect India’s cyberspace. Here, it is important to note that the NCIIPC has been set up under NTRO (the National Technical Research Organization), which happens to be India’s elite technical intelligence agency.

Along with these institutions responsible for defending India’s cyberspace, India has even raised the Defence Cyber Agency as an armed force that will exclusively look after India’s cyber warfare doctrine. It is in the process of developing both offensive and defensive capabilities to lead India into the future of cyber warfare. While CERT-In, NCIIPC, and NCCC are civilian institutions, the Defence Cyber Agency is a military institution, and together these form India’s institutional response to cyber threats.
