In the wake of the cyber attacks between Ukraine and Russia, governments and cybersecurity experts throughout the world are concerned that this hacking war could spill over to a global level. If this happens, it may affect Europe, the United States, and other countries as well.
The US Cybersecurity and Infrastructure Security Agency issued a warning on January 18 to critical infrastructure operators. Considering the recent attacks against Ukraine, they have been advised to take urgent steps against cyber threats to US assets.
The current cyber war between Russia and Ukraine has brought the major issue of cyber threats to the fore, and anyone dealing with data, Internet-as-a-Service, or any reliance on cyber-infrastructure should take note and adopt new, dynamic strategies.
In India, more than 11.5 lakh cyberattacks were recorded and reported to the Computer Emergency Response Team (CERT-In) in 2021, and ransomware attacks have surged by 120 per cent, according to official estimates.
This unprecedented increase in cyber attacks could surge further in a future war situation. Not only do government agencies need to tighten their grip on these occurrences, but individual enterprises must also keep pace in order to strengthen their cyberinfrastructure and be prepared for any eventuality.
Cyberwarfare has the capacity to harm any government, as well as the enterprises that aid in the construction and reconstruction of a nation. This was re-emphasised in the ongoing Russia-Ukraine conflict.
mFilterIt, a global digital fraud detection and prevention company, today released a study listing the major cyber attacks that had a massive impact on Russia-Ukraine diplomatic affairs and covering issues that companies around the world should be careful of beforehand.
The mFilterIt study lists the cyber attacks that were discovered, including information and propaganda events. Three major types of cyber attack have been detected so far in the Russia-Ukraine conflict.
3 major attacks in Russia-Ukraine cyberwar
Hermetic Wiper Malware attack
The Hermetic Wiper initially corrupts each physical drive's Master Boot Record (MBR) which contains information on how file systems and partitions are organised.
This malware makes the drive unbootable and makes the data unrecoverable with bit manipulation. This results in the corruption of all the data available in the drive. And once the data is corrupted, the malware puts the final nail in the coffin by initiating a system shutdown and finalizing its effects on the system.
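The MBR corruption described above can be checked for from the defender's side. The following is an added example, not part of the mFilterIt study: it validates a 512-byte sector against the classic MBR layout (partition table at offset 446, boot signature 0x55AA at offset 510). The sample sectors are constructed in memory, and the function names are hypothetical.

```python
import struct

SECTOR_SIZE = 512
PART_TABLE_OFFSET = 446   # four 16-byte partition entries start here
BOOT_SIG_OFFSET = 510     # a valid MBR ends with bytes 0x55 0xAA


def build_sample_mbr():
    """Constructed sample: one bootable NTFS-type partition at LBA 2048."""
    mbr = bytearray(SECTOR_SIZE)
    mbr[0:3] = b"\xeb\x63\x90"  # placeholder bytes standing in for boot code
    # status, CHS start (3 bytes), type, CHS end (3 bytes), LBA start, sector count
    entry = struct.pack("<B3sB3sII", 0x80, b"\x20\x21\x00", 0x07,
                        b"\xfe\xff\xff", 2048, 1_000_000)
    mbr[PART_TABLE_OFFSET:PART_TABLE_OFFSET + 16] = entry
    mbr[BOOT_SIG_OFFSET:] = b"\x55\xaa"
    return bytes(mbr)


def check_mbr(sector):
    """Return a list of findings; an empty list means the sector looks sane."""
    if len(sector) != SECTOR_SIZE:
        return ["sector is not 512 bytes"]
    findings = []
    if sector[BOOT_SIG_OFFSET:] != b"\x55\xaa":
        findings.append("boot signature 0x55AA missing")
    used = 0
    for i in range(4):
        off = PART_TABLE_OFFSET + 16 * i
        status, _, ptype, _, lba, count = struct.unpack(
            "<B3sB3sII", sector[off:off + 16])
        if ptype == 0 and lba == 0 and count == 0:
            continue  # unused slot
        used += 1
        if status not in (0x00, 0x80):
            findings.append(f"entry {i}: invalid status byte {status:#04x}")
        if ptype == 0 or lba == 0 or count == 0:
            findings.append(f"entry {i}: inconsistent type/LBA/size")
    if used == 0:
        findings.append("partition table is empty")
    return findings


healthy = build_sample_mbr()
# Constructed garbage bytes standing in for an overwritten sector (in memory only).
overwritten = bytes((i * 37 + 11) % 256 for i in range(SECTOR_SIZE))
print("healthy:", check_mbr(healthy))
print("overwritten:", check_mbr(overwritten))
```

Run against a read-only image of sector 0, a non-empty result is a signal to compare the disk with a known-good backup of the MBR before the next reboot.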
Ukraine’s largest state-owned bank, PrivatBank, and another state-owned bank named Sberbank reported issues related to online payments and the banks' applications. The hosting provider for the Ukrainian army and PrivatBank was one of the targets of the cyber attackers.
Amidst the news of conventional conflict between Russia and Ukraine, the discovery of a new cyber weapon surfaced on February 23. The Threat Hunter team at Symantec and researchers at cybersecurity company ESET discovered “Hermetic Wiper”, which is designed to wipe the hard drive of the system it infects.
DDoS attack
Distributed denial of service (DDoS) attacks result in the takedown of websites. This means that visitors to the website will be unable to access any information. DDoS attacks overload the system with an enormous number of requests that appear to come from individuals attempting to visit the website in a short period of time. When the maximum number of requests is reached, the system stops responding and the website goes offline.
According to a Netscout Threat Intelligence Report, adversaries launched more than 9.7 million DDoS attacks in 2021, which is a 14 percent increase from the pre-pandemic year of 2019.
According to the State Special Communications Service of Ukraine, more than 3,000 DDoS attacks have already taken place since February 15. The DDoS malware targeted the Ministry of Defence, Ukraine's Armed Forces, the Ministry of Foreign Affairs, Ukrainian Radio, etc. It also targeted the systems of PrivatBank and Oschadbank. The DDoS attacks by the renowned Anonymous hacking group affected many Russian government websites like the Russia Today website and a state-controlled international television network that was funded by the Russian government’s tax budget.
Website defacement attack
Defacement attacks occur when a hacker is able to alter or erase information on a website. This is a relatively simple method of disseminating false information and deceiving civilians into believing it is true. Furthermore, misinformation might spread more quickly. The influence is primarily psychological, but it is significant.
Alongside the news of the wiper malware, there was another discovery: website defacements. These attacks affected up to 70 Ukrainian government websites and defaced their systems. The attack was intended to do major damage, but it only impacted one content management system of all the websites. The defacement attacks infected unpatched versions of an open-source content management system named “October CMS”. This CMS was supported by the Ukrainian software company Kitsoft and other IT companies.
What should institutions do?
The study advises institutions in India and globally that today’s cyberwar is no longer only about the public or private enterprises that deal with a country's immediate defence. The threat is much more comprehensive and can involve any institution.
Russia-Ukraine experienced a massive surge in cyber attacks just after the breakout of the conflict. The US security agencies, the Department of Homeland Security, and the FBI observed an increase of 800 percent in cyber attacks within 48 hours. According to the Threat Intelligence Centre of Microsoft, the cyber attacks against the digital infrastructure were initiated hours before the first missile was launched on February 24.
Bringing the severity of this issue to light, Amit Relan, Co-founder and Director of mFilterIt said, “In light of such difficult circumstances as the Russia-Ukraine conflict, cybersecurity is no longer merely a requirement, but a necessity that cannot be overlooked. Taking lessons, Indian enterprises should also make sure that the country doesn’t face such turmoil and needs to start investing in robust cyber security infrastructure. Technology has granted us a boon to make functions and connectivity easier but its bane cannot be ignored. mFilterIt with ‘Digital Swacch Abhiyaan’ at the core of its outlook has enumerated how major cyber attacks took place and the impact it generated.”