Russian cyberattacks on Ukrainian infrastructure redefine the game

Moscow is attempting to make its hacking sprees as psychologically difficult for Ukrainians as possible.

 A Russian flag is seen on the laptop screen in front of a computer screen on which cyber code is displayed, in this illustration picture taken March 2, 2018. (photo credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)

After failures in its physical-world warfare strategy, Moscow has launched a massive and constant cyber offensive on Ukrainian civilian infrastructure the likes of which the world has never seen, Politico reported Thursday.

Ukraine was hit by more than 2,000 cyberattacks in 2022, according to statistics from Ukraine’s Computer Emergency Response Team noted in the report.

While the US and Israel often talk about millions of cyberattacks on a regular basis, these 2,000 attacks were serious ones on infrastructure. The number of publicly known serious attacks on Israeli infrastructure, as opposed to data, is in the single digits.

In other words, 2,000 attacks of that caliber from Russia are completely redefining the game of what is possible.

Given that infrastructure attacks require far more resources and sophistication, the volume of attacks shows that Moscow has reached new levels of both quality and quantity in the cyberattack sphere.

Projection of cyber code on hooded man (Illustrative) (credit: REUTERS/KACPER PEMPEL/ILLUSTRATION TPX IMAGES OF THE DAY)

Breaking down these attacks, more than 300 were against the security and defense sector, more than 400 attacks struck groups impacting civilian life, including organizations in the commercial, energy, financial, telecommunications and software sectors, and over 500 other attacks targeted government groups.

A recent report cited by Politico from Ukraine’s State Service of Special Communications and Information Protection determined that even as the pace of cyberattacks against Ukraine slowed overall between September and December of 2022, public services and energy, as opposed to the military sector, were increasingly targeted.

“The longer Russia wages this war, the harder it is going to be on those Ukrainian people and the more vulnerable they’ll be to destructive cyberattacks against the critical infrastructure,” Rob Joyce, the director of cybersecurity at the NSA, said according to the report.

“I’m concerned that the Russian actors will increasingly look to amplify the things they’re doing with kinetic effects in that space.”

Further, the report said that Moscow is attempting to make its hacking sprees as psychologically difficult for Ukrainians as possible. Microsoft warned in a December report that the Kremlin has coordinated cyberattacks and missile strikes on the Ukrainian energy and water sectors, and that Russia may use similar tactics against neighboring countries like Poland or groups and countries providing assistance to Ukraine.

John Hultquist, vice president of threat intelligence at cybersecurity company Mandiant, which has helped support Ukraine’s cyber defenses, said, “We think that some of these attempts, on power particularly, are done… to strike fear into every Ukrainian and really just up the psychological toll.”

Israel has avoided giving Ukraine attack weaponry and even sensitive defense weaponry, like Iron Dome, and is not expecting any direct cyber hits from Russia.

Has Iran learned from Russia? 

But what if Moscow passed on some of its new capabilities to Iran for launching cyber strikes on a massive number of infrastructure targets at the same time in a way that Israel has not experienced?

It is one thing for Jerusalem to be an expert at blocking lower-level cyberattacks on websites and data or the very occasional more serious single strike on infrastructure. But how quickly would Israel be overwhelmed by dozens or more powerful A-level attacks on different infrastructure points all over the country at the same time?

What’s more, it is not just that civilian infrastructure has been partially added to Russia’s list of targets. Rather, the report quoted Victor Zhora, deputy chair and chief digital transformation officer of Ukraine’s SSSCIP, saying that the public sector is now attacked “twice as much” as the military sector.

“The key purposes of Russia’s hacking activity are espionage, misinformation and damaging critical infrastructure… Russia’s activities in Ukraine, their unprovoked aggression in cyberspace, has the same goals as their so-called ‘military strategy’ for Ukraine, i.e. terrorizing Ukrainian civilians,” said Zhora.