Russia’s cyberwar on Ukraine more nuanced than expected


Russia’s approach to cyber warfare against Ukraine has so far proven to be more subtle than expected.

This week’s Microsoft operations report reveals that Moscow-backed hackers launched more than 200 cyberattacks on Ukraine, including nearly 40 destructive ones that targeted government organizations and critical sectors in the country.

Cyber ​​experts say the analysis suggests hidden depths in Russia’s cyber operations in Ukraine, because although it has the ability to launch more damaging cyber attacks, it has chosen to inflict less attacks. harmful at the moment.

“Microsoft’s report illustrates the complex and nuanced role of cyber operations in the Russian-Ukrainian war,” said Michael Daniel, president and CEO of Cyber ​​Threat Alliance.

Daniel said while the report shows there is more cyber activity than initial data indicated, it also illustrates where the Russians are choosing to focus their efforts.

“Microsoft identified less than 20% of operations as destructive, which means the majority of cyber operations were essentially espionage activities of some kind,” he said.

He added that the destructive attacks appeared to have targeted information technology systems, achieving “primarily tactical-level effects as opposed to the strategic disruption that many thought the Russians could achieve.”

“The result is that cyber hasn’t been entirely absent, but it hasn’t played the outsized role that many feared,” Daniel said.

Many experts, including policymakers and intelligence officials, predicted that after the start of the invasion of Ukraine in late February, the Kremlin would launch massive and destructive cyberattacks against the West, especially in the following the crippling economic sanctions imposed on it.

The report, however, suggests that the Russians are also dealing with a country that has strengthened its cyber defenses over the years, making damaging attacks difficult.

“I saw [the report] more like a tribute to the Ukrainian defenses as they pretty much repelled – with a little help – anything the Russians could throw at them,” said James Lewis, senior vice president and strategic technology program director at the Center for strategic and international studies. .

Since Ukraine suffered two separate destructive cyberattacks in 2015 and 2017 that targeted its power grid and key institutions, Kyiv has made significant investments to improve its cybersecurity. Ukraine has also received substantial assistance, both financial and technical, from the United States and the European Union.

U.S. officials recently underscored the importance of this investment, pointing to a $40 million contribution the United States has made since 2017 to help Ukraine develop and improve its information technology sector.

At a briefing in March, Defense Department spokesman John Kirby told reporters that these investments had helped Ukraine improve its cyber resilience, which he said is currently at risk.

In April, Ukrainian officials said they had successfully intercepted a Russian cyberattack intended to disrupt the country’s power grid.

The attempted attack aimed to hit computers controlling high-voltage substations of an energy company. Officials said the hackers behind the foiled attack are affiliated with Russia’s military intelligence agency, GRU.

Although the Russians have yet to deploy all of their cyber capabilities against the United States and Western Europe, Daniel warned that they could potentially do so in the future.

“[Russia] definitely has the ability to inflict more widespread damage if he makes the decision to go that route,” Daniel said.

But he also explained that even with its sophisticated cyber arsenal, Russia may not always be able to achieve its goal.

“Russian activities to date reinforce the idea that it is possible to achieve effects through cyberspace, but to have the precise effect you want at exactly the time and place of your choosing, and only that effect , remains a challenge,” said Daniel.

“Thus, we must remain on our guard against an expansion or escalation of Russia’s activities in cyberspace,” he added.

Previous Binance to Educate Indian Investors About Crypto and Blockchain
Next Weekly meetings and agendas: May 2 to May 7