Connect with us

Hi, what are you looking for?



Cyber Warfare Rife in Ukraine, But Impact Stays in Shadows

Cyberware - Russia and Ukraine

Cyberware - Russia and Ukraine

Hackings, network sabotage and other cyber warfare campaigns are being intensely deployed by both sides as Russia’s invasion of Ukraine grinds on, though the covert operations have not proved decisive on the battlefield — at least so far.

Western allies initially feared a tsunami of cyberattacks against Ukraine’s military command and critical infrastructure, hindering its ability to resist the Russian forces pouring across its borders.

As of mid-September, the Cyber Peace Institute, an NGO based in Switzerland, counted nearly 450 attacks — roughly 12 a week — carried out by 57 different entities on either side since the invasion was launched in February.

Yet with European and US help, Kyiv has largely withstood the high-tech onslaught.

“Large-scale cyberattacks have indeed occurred, but it’s generally agreed that they have clearly failed to produce the ‘shock and awe’ effect some predicted,” according to Alexis Rapin, a researcher at the University of Quebec.

Writing for the strategic studies site Le Rubicon, he said the most devastating attacks often take months or even years to plan and execute, “making it very difficult to synchronise them with a conventional military campaign.”

Another factor may be the massive help Ukraine has had from its allies, including software and expertise to protect its systems as well as counterattacks that may be hampering Moscow’s cyber strategy.

Advertisement. Scroll to continue reading.

{ Read: Russia-Ukraine: Threat of Local Cyber Ops Escalating Into Global Cyberwar }

“Russia has been under constant cyber assault over the last few months from an international coalition of volunteer, non-governmental hacking organisations, the most prominent being the ‘Anonymous’ movement,” said Arnault Barichella, a researcher at the Jacques Delors Institute in Paris.

While it remains unclear how effective these “spontaneous” attacks have been, “Russia simply underestimated Ukraine’s cyber resilience, in the same way that it underestimated the country’s armed forces,” he wrote in a recent report.

– Hybrid war –

Nonetheless, the war on Europe’s eastern flank offers on-the-ground proof that cyber assaults will be part and parcel of 21st century armed conflicts.

Even before the first Russian tank rolled into Ukraine, hackers in mid-January launched the WhisperGate malware against around 70 Ukrainian government sites, followed by a distributed denial of service (DDoS) campaign that disrupted banks, radio stations and websites.

{ Read: Ukraine Says Russia Planning ‘Massive Cyberattacks’ on Critical Infrastructure }

Moscow was then suspected of being behind the Hermetic Wiper virus that knocked out some 300 IT systems in Ukraine, while hackers targeted the Viasat satellite operator to deactivated thousands of internet modems.

“Most people did not hear about the fact that almost every Russian attack came with a cyberattack before and during operations — cyber usually does not kill people,” said Eviatar Matania of the Israel National Cyber Bureau.

And in most cases, IT networks that come under attack can often be restored in a few days if not hours, limiting their use when hostilities have escalated to open warfare.

More likely, cyber campaigns will be ongoing between rival states, aiming to destabilise and demotivate as opposed to seeking a knockout blow on the battlefield.

“Currently cyber is more important in peacetime than in conventional war — in cyber we are all the time in conflict,” Matania told AFP.

Rapin agrees that cyber warfare is most suited to sabotage, espionage and information wars aimed at sapping morale — the sort of clandestine warfare waged before any shots are fired.

The tactics appear essential, however, when laying the groundwork for conventional military campaigns in which even just a few hours of having a communications or electricity network offline could offer a decisive advantage for ground and air forces. 

“Cyber operations aren’t some magical dust that gets sprinkled on at the end of an operation,” said Colin Clarke, director of research at the Soufan Center security think-tank.

“They are woven into, or closely integrated, with the full suite of US military capabilities and security cooperation activities,” not least pre-battlefield planning, he told AFP.

But the impacts of cyber assaults are often not revealed until months or years after they are deployed.

It took nearly two years before the public learned about the Stuxnet computer virus that allegedly destroyed around 1,000 of Iran’s nuclear centrifuges, used to refine uranium for use in atomic weapons — widely thought to be the result of a US and Israeli campaign.

And if Russian President Vladimir Putin determines that his Ukraine invasion is faltering, the retaliation in the cyber domain could prove more potent than seen up to now.

“You cannot underestimate the danger of a cyber escalation, especially if the Russian military operations on the ground flounder and the Kremlin feels as if its back is against the wall,” Barichella said.

Related: Russia, Ukraine and the Danger of a Global Cyberwar

Related: Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine

RelatedMore Russian Attacks Against Ukraine Come to Light

RelatedMicrosoft Uncovers Destructive Malware Used in Ukraine Cyberattacks

RelatedUkraine Attack: Hackers Had Access for Months Before Causing Damage

RelatedUkraine Attacks Involved Exploitation of Log4j, October CMS Vulnerabilities

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.


ENISA and CERT-EU warn of Chinese threat actors targeting businesses and government organizations in the European Union.