Connect with us

Hi, what are you looking for?

The Embassy

Cyberattacks: How Putin Is Trying to Win the War in Ukraine?

Image Credit: Creative Commons.
The Norse data wall on the operations floor of the 275th Cyber Operations Squadron, called the Hunter's Den, provides real time worldwide cyber attack sources and attack locations for the 175th Cyberspace Operations Group of the Maryland Air National Guard at Warfield Air National Guard Base, Middle River, Md., Dec. 2, 2017. This portion of the screen is focused on attacks within North America. (U.S. Air Force photo by J.M. Eddins Jr.)

The war in Ukraine is about to enter its fifth month, and the Russian military and security services are using their whole arsenal in an attempt to achieve some semblance of victory after the humiliating failures of the past few months. 

Cyberattacks are some of the measures Moscow is using to disrupt and degrade the Ukrainian capabilities and those of its international allies and partners.  

Russian Cyberattacks 

The British government came out with a warning that Russian hackers—though it is unclear if it is part of the military or security services or just proxies—are taking down websites through Distributed Denial of Service (DDoS) attacks. 

Cyber attacks orchestrated by pro-Russian criminal groups against UK allies since Russia invaded Ukraine are unacceptable. This is just one example of the growing threats facing democracies,” the British Foreign, Commonwealth, and Development Office stated.

“A series of website takedowns, or DDOS attacks over the last few months against European partners have sought to disable and disrupt government communications. Good cyber resilience meant the attacks had limited impact,” the British government added.

“The UK is working with the EU, NATO and like-minded nations to call out and counter threats in cyberspace and build the resilience and capabilities of our partners,” the British Foreign, Commonwealth, and Development Office said.

AcidRain: How the War Began 

The whole invasion began with a cyberattack. Just a few hours before the first Russian armored columns crossed the border with Ukraine or the air assault against the Hostomel airport near Kyiv took place, the Kremlin unleashed a cyberweapon.

Russian hackers used “AcidRain,” a wiper malware, against Viasat, a U.S. satellite communications firm that has been working with the Ukrainian military. 

The cyberweapon specifically targeted Viasat modems and routers and erased any data on them before permanently disabling them. The primary objective of the Russian hackers was to stop or disrupt the secure satellite communications of the Ukrainian government and military at the most crucial stage of the war. 

In the opening hours and days of the war, most believed that the Ukrainian military would collapse under the weight of the Russian tiger—forget that the Russian military eventually proved itself to be a paper tiger. And if the Ukrainian frontline units couldn’t coordinate with leadership at the critical moment, the Russians could have won. 

AcidRain, however, got out of control and started infecting modems and routers elsewhere in Europe, upsetting the lives and operations of thousands. 

“The United States is joining with allies and partners to condemn Russia’s destructive cyber activities against Ukraine. In the months leading up to and after Russia’s illegal further invasion began, Ukraine experienced a series of disruptive cyber operations, including website defacements, distributed denial-of-service (DDoS) attacks, and cyber attacks to delete data from computers belonging to government and private entities – all part of the Russian playbook,” the U.S. Department of State had stated

But the attacks had begun before the invasion. Russian cyber operators had penetrated Ukrainian systems and placed wipers. 

“For example, the United States has assessed that Russian military cyber operators have deployed multiple families of destructive wiper malware, including WhisperGate, on Ukrainian Government and private sector networks. These disruptive cyber operations began in January 2022, before Russia’s illegal further invasion of Ukraine and have continued throughout the war,” the State Department had added.

1945’s New Defense and National Security Columnist, Stavros Atlamazoglou is a seasoned defense journalist specializing in special operations, a Hellenic Army veteran (national service with the 575th Marine Battalion and Army HQ), and a Johns Hopkins University graduate. His work has been featured in Business InsiderSandboxx, and SOFREP.

1945’s Defense and National Security Columnist, Stavros Atlamazoglou is a seasoned defense journalist with specialized expertise in special operations, a Hellenic Army veteran (national service with the 575th Marine Battalion and Army HQ), and a Johns Hopkins University graduate. His work has been featured in Business Insider, Sandboxx, and SOFREP.