Ukrainian officials warn Russia is planning major cyber attacks that could take down its power system.
They also say neighbours including Poland and the Baltic states could experience an increase in infrastructure-targeting denial of service (DDoS) attacks.
‘By the cyberattacks, the enemy will try to increase the effect of missile strikes on electricity supply facilities, primarily in the eastern and southern regions of Ukraine,’ an intelligence advisory warned on Monday.
‘The occupying command is convinced that this will slow down the offensive operations of the Ukrainian Defence Forces.’
In 2015 and 2016, two Kremlin-linked cyberattacks took out the country’s power grids. The first adapted existing Russian-developed malware, while the second used entirely new malware.
Ukraine’s power network has long been considered vulnerable to Russian attacks, in part because it was built during the Soviet era and has since been upgraded with Russian tech.
Supported by countries like the US, Ukraine responded to these attacks by making its cybersecurity more sophisticated.
In February, engineers rushed to sever connections with Russian networks and switch to the European system in an effort to bolster security.
These efforts continue, with the Computer Emergency Response Team of Ukraine announcing it had quashed an attempted malware attack on its power grid in April.
This attempt used an updated version of the malware developed for the successful 2016 attack.
Chris Sistrunk, technical manager of Mandiant Industrial Control Systems Consulting, told arsTechnica Ukraine had become very good at thwarting these attacks.
‘Based on [April’s successful defence], and what we know about the Ukrainian people’s overall resolve, it’s increasingly clear that one of the reasons cyberattacks in Ukraine have been dampened is because its defenders are very aggressive and very good at confronting Russian actors.’
But it remains the case that the Kremlin-backed ‘Sandworm’ group of hackers are some of the best in the world.
Questions over whether or not the country would focuse on blockbuster cyber attacks during this phase of the war have been brewing for some time.
In the run up to Russia’s invasion in February, governments were concerned the country might orchestrate more infrastructure-bashing cyber campaigns.
But early hacking efforts seemed to focus on information warfare, rather than taking official Ukrainian information offline in the form of denial of service attacks.
Cybersecurity experts told Metro.co.uk it would take time and money to launch the kind of cyber campagns seen in the past: an option that may not appeal in the midst of an already costly war.
As Sneha Dawda from the Royal United Services Institute said in March, it may simply be ‘cheaper to drop bombs.’
Whether further attempts to down Ukraine’s power grid are on the horizon —and how successful they may be — remains to be seen.
Source: Read Full Article