Russian missile strikes overshadow cyberattacks as Ukraine reels from blackouts | CNN Politics


Washington
CNN

Russia has Ukrainian cities were shocked With missile and drone attacks over the past month, targeting civilians and the country’s critical infrastructure.

As of Monday, 40% of Kyiv residents were without water and widespread power outages were reported across the country. On Thursday, Ukrainian President Volodymyr Zelensky Russia accused of ‘energy terrorism’ And said about 4.5 million Ukrainian consumers were temporarily cut off from electricity supply.

This devastation is exemplified by how indiscriminate bombing remains the Kremlin’s preferred tactic during the eight months of war on Ukraine. Meanwhile, Moscow’s formidable hacking capabilities are playing a peripheral rather than central role in the Kremlin’s efforts to destroy Ukrainian critical infrastructure.

“Why burn your cyber capabilities when you can achieve the same goals with kinetic attacks?” A senior US official told CNN.

But experts who spoke to CNN suggest that the question is more likely why Russia’s cyberattacks haven’t had a more visible impact on the battlefield.

Effectively integrating cyber and kinetic operations “requires a high degree of integrated planning and execution,” argued one US military official who focuses on cyber defense. “The Russians, even with their aviation, artillery and ground assault forces, cannot overcome it.”

The lack of verifiable information about successful cyber attacks during war complicates the picture.

A Western official who focuses on cyber security said the Ukrainians are not publicly disclosing the full extent of the impact of Russian hacks on their infrastructure and their connection to Russian missile attacks. That could deprive Russia of insight into the effectiveness of its cyber operations and in turn affect Russia’s war planning, the official said.

Certainly, suspected Russian cyberattacks have hit various Ukrainian industries, and some hacks have been linked to Russia’s military objectives. But high-impact hacks that take out power or transportation networks are largely missing.

Nowhere was that more evident than in recent weeks of Russian drone and missile attacks on Ukraine’s energy infrastructure. This is in stark contrast to 2015 and 2016 when, after Russia’s illegal annexation of Crimea, it was Russian military hackers, not bombs, who left more than a quarter million Ukrainians in the dark.

“All Ukrainian citizens are living in these conditions now,” said Viktor Zora, a senior Ukrainian government cyber security official, referring to blackouts and water shortages. “Imagine your normal day with constant disruptions to electricity or water supply, mobile communications or a combination of everything.”

Cyber ​​operations targeting industrial plants can take months to plan, and after the explosion of a bridge linking Crimea to Russia in early October, Putin was “trying to go for a big, flashy public response to the attack on the bridge,” a senior US official said.

But officials tell CNN that Ukraine also deserves credit for its improved cyber defenses. In April, Kiev claimed to have foiled a hacking attempt at a power substation by the same group of Russian military hackers that carried out blackouts in Ukraine in 2015 and 2016.

Those victories have been overshadowed by the war’s human toll.

Ukrainian cybersecurity officials have had to dodge gunfire for months while doing their jobs: protecting government networks from Russia’s intelligence agencies and criminal hackers.

Four officials of Ukraine’s main cyber and communications agency – the State Service of Special Communications and Information Protection (SSSCIP) – were killed in a missile attack on October 10, the agency said in a press release. The four officers do not have cybersecurity responsibilities, but their loss in the second grueling month of war has weighed heavily on cybersecurity officials at the agency.

Hackers with ties to Russian intelligence and military agencies have targeted Ukrainian government agencies and critical infrastructure with hacking tools for years.

At least six different Kremlin-linked hacking groups carried out nearly 240 cyber operations against Ukrainian targets in the weeks following Russia’s February invasion, Microsoft said in April. That includes a hack the White House blamed on the Kremlin, which disrupted satellite Internet communications in Ukraine on the eve of Russia’s invasion.

“I don’t think Russia will measure success in cyberspace by a single attack,” the Western official said, but rather by “their cumulative effect” of trying to bring down the Ukrainians.

But now there are open questions among some private analysts and U.S. and Ukrainian officials about the extent to which Russian government hackers have exploited or “burned” some of their more sensitive access to Ukrainian critical infrastructure in previous attacks. Once discovered, hackers often lose access to their original route into a computer network.

In 2017, as Russia’s hybrid war raged in eastern Ukraine, Russia’s military intelligence agency uncovered devastating malware known as NotPetya that wiped out computer systems at companies in Ukraine before spreading around the world, the Justice Department and private investigators said. The incident disrupted the shipping giant Maersk and other multinationals, costing the global economy billions of dollars.

That operation involved identifying widely used Ukrainian software, infiltrating it and injecting malicious code to weaponize it, said Matt Olney, director of threat and prevention at Talos, Cisco’s threat intelligence unit.

“It was all incredibly effective as a final product,” said Olney, who has responded to cyber incidents in Ukraine for years. “And it takes time and opportunities that sometimes you can’t just conjure up.”

“I am absolutely sure [the Russians] Wish they had what they burned during the notepad,” Olney told CNN.

Zora, the Ukrainian official who is vice president of SSSCIP, called on Western governments to tighten restrictions on access to software tools that feed Russia’s hacking arsenal.

“We should not discard that possibility [Russian government hacking] The group is currently working on some highly-sophisticated attacks that we will monitor later,” Zora told CNN. “Not all Russian military hackers and government-controlled groups are on vacation or out of business.”

Tanal Sepp, Estonia’s ambassador-at-large for cyber affairs, told CNN that the Russians are likely to turn to a “new wave” of cyber attacks as their battlefield conflicts continue.

“Our main goal is to isolate Russia as much as possible internationally”, Sepp said, adding that the former Soviet state had not communicated with Russia on cyber security issues in months.

Source link

Leave a Comment