Summary Bullets:

• In the months leading up to Russia’s invasion of Ukraine, the country was laying the groundwork for cyberwar.
• But Ukraine is fighting back with the support of its own underground hacking community and hackers from beyond its borders playing a part in interfering with Russian operations and trying to stall the invading country’s momentum.
Cyberattacks have been used by hacktivists in the past to wage political and ethical battles for years. But in the days following Russia’s invasion of Ukraine is taking cyberwarfare to a new level. Months before to Russia’s February 24th military invasion of Ukraine, Russia took to cyberspace to infiltrate and in some cases destabilize networks within its neighbor. Reports of distributed denial of service (DDoS) attacks allegedly initiated by Russia surfaced the week before the invasion, flooding the networks of Ukraine’s defense ministry and two banks. The attacks against the banks were launched in two waves, with the first interrupting service. The second stage involved text messages to clients telling them the bank was no longer functioning.
And there are indicators that Russia had breached Ukraine’s months before and was lying in wait to attack, installing data wiper malware on hundreds of computers In Ukraine. The wiper malware can delete all files from a computer, essentially making the computer unusable.
Russia has not taken responsibility for any of these breaches but there is a years-long history of cyberattacks against Ukraine in which the country is a prime suspect. Going back as far as 2014 after Russia annexed the Crimean peninsula from Ukraine, the Ukrainian government has accused Russia of breaching its systems including multiple attacks against its power grid.
There are also reports that some Russia citizen vigilante hackers are currently working in concert to destabilize Ukrainian systems via DDoS. And just as Ukraine continues its fight on the ground, its government has asked for IT security experts to both help its efforts to defend critical infrastructure and to wage cyberattacks against Russian systems.
Hackers outside Ukraine are also lending support to the besieged nation. Attacks launched against the Russian systems responsible for running the countries trains have slowed down transport and interrupted ticket buying. The effort was designed to interfere with the transport of troops to Ukraine.
The hacktivist group Anonymous also declared cyberwar on Russia, bringing down three of the country’s news sites. All this underscores what a powerful and potentially damaging weapon cyberattacks are in modern warfare.
Disinformation has also come into play as a weapon. Meta, Facebook’s parent, identified and disabled 40 accounts created in recent days using AI to create fake online identities in order to disseminate disinformation about Ukraine.
It remains to be seen what impact these cyberattacks and counter attacks will have the military battles on the ground. But this will certainly translate into many lessons learned that are applicable to both public and private sector entities in the future.