By Guy Golan, CEO and Founder of Performanta
The Russian attack on Ukraine has been an eye opener for everyone, and industries across the world have been rattled by the sheer aggression demonstrated across the European territory, both on the physical side and on the cyber plains. The initial cyber-attacks on Ukrainian organisations leading up to the invasion has been recognised as the first step in the wider war strategy.
Taking out critical infrastructure and disrupting communication channels is a tactical strike to weaken the victim, before then launching the main physical campaign. It’s the equivalent to blindfolding your opponent before delivering the final blow, leaving them defenceless.
Russia’s actions have also sparked cyber retaliation. Hacktivist group Anonymous has also declared ‘cyber war’ on Vladimir Putin in response to his invasion of Ukraine, targeting Russian websites and TV networks in an effort to broadcast the hidden truths of the horrors taking place in the country.
Regardless of which side you stand, cyber warfare will impact us all. Stray bullets in physical battle are devastating – and we’re likely to see the cyber equivalent moving forwards.
Cyber shots fired
Through Russia’s invasion of Ukraine, we have essentially witnessed a declaration of another international war, but this time, not a single shot was fired in the first instance. Instead, the ammunition used took the form of DDoS attacks, and the trigger was a computer keyboard.
Russia’s initial cyber-attacks on Ukraine, as an attempt to destabilise the country’s economy, infrastructure and government, not only illustrated Russia’s ability to knock out Ukrainian systems, but also emphasised Ukraine’s lack of preparedness. Understandably, few countries would anticipate a full-blown international attack, but everything’s changed, and this is now a very real possibility moving forwards to which other countries should take heed.
In addition to Anonymous’s retaliation, we’ve also witnessed the rise of the IT Army of Ukraine, a group of volunteer hackers from around the world dedicated to bringing down Russian government and financial websites. With over 311,000 members, the group has entered a new league of cyber warfare, driven by an international digital army.
Cyber war has been on the cards for years, with organisational bodies like NATO preparing for its arrival. And the increased level of activity from Anonymous and the IT Army is just a taste of what could develop in the near future.
Private concerns become public
Experts have known for years that cyber campaigns of this size, scale and sophistication are possible, but only now are these fears being realised. Attacks have been directed at critical infrastructure before, the finger often being pointed at rival countries on some matter of conflict. The Colonial Pipeline attack is a prime example.
But this is the first time a cyber-attack has been publicised as being a declaration of war. While this level of attack has happened before, it hasn’t been made visible to the public, or taken as far as recent events have. The Russian invasion in Ukraine, from a cyber war perspective, is providing invaluable insight in the sense that people are connecting the dots between cyber-attacks and the beginnings of war. We have entered an age where countries can be brought to their knees without using a physical army.
One of our biggest concerns now is that the cyber-attacks launched by Russia before the invasion were just the tip of the iceberg. As the devastation continues, experts are contemplating the probability of further cyber campaigns, particularly in the US. Whether this is true or not, we are still unsure, but we’d be naïve not to learn from past events.
One thing we can say for certain is that the Russia-Ukraine conflict is not the first to adopt a cyber campaign, and it won’t be the last. Some countries have begun strategizing for this very real possibility, but how prepared are they?
The importance of preparedness
The recent events are a major concern for other countries with less developed cyber structures, and should act as a wake-up call for those who have failed to address their cyber requirements over the last few years. As we well know, criminals and nation states have become increasingly sophisticated in recent years, with access to advanced technology and resources that could easily contribute to global devastation if applied to a war scenario.
Tensions are high, and governments and businesses alike are turning their focuses inwards to ensure defences are up to scratch. Satellite operators are being advised to be on high alert following a cyber-attack that disrupted internet services in Europe. And the NCSC has been urging businesses to gear up and boost cybersecurity efforts amidst the ongoing conflict.
While attacks like Russia’s invasion of Ukraine are few and far between, it demonstrates the different levels of conflict that can occur. And organisations across the world should ensure they’re ready to face similar threats head on in case they too find themselves a target.