Since the Russia-Ukraine conflict broke out, war on the ground has been brutal and catastrophic. Cyber warfare has been comparably insignificant, and projections about mass online shutdowns have not materialised.
However, there has been some intervention from hostile state actors. Just last week, the Foreign, Commonwealth and Development Office (FCDO) announced that Russia was almost certainly behind a major cyber operation targeting the US commercial communications and internet satellite company Viasat, which happened an hour before the invasion on 24 February.
After months of analysis, the UK governments National Cyber Security Centre (NCSC) has now attributed the hacks to the Russian state. While the primary target was the Ukrainian military, the attacks also impacted Ukrainian Viasat customers, and caused disruption to wind farms and internet users across central Europe. Additionally, the NCSC has ascertained that Russia was also behind an earlier attack on the Ukrainian government on 13 January, which involved defacing government websites and the deployment of destructive malware.
Interestingly, global sanctions on Russia have caused ransomware attacks to decrease since March, noted Rob Joyce, cyber security director of the US National Security Agency (NSA), at the NCSCs CyberUK conference in Wales this week. Sanctions have made it harder for criminals to organise attacks and move money in the West, he said.
But cyber threats do not only come from hostile states. Speaking in a panel discussion, Joyce highlighted the rise of cyber vigilantes lone actors on both sides of the conflict who are taking matters into their own hands to infiltrate and destroy their enemys systems.
While activism in support of Ukraine might seem commendable, Joyce warned that such an approach is not conducive to ethical behaviour. You want to sit back and root for the folks who are trying to do noble things but it is problematic, he said. We are trying to hold bad actors accountable in other nations [and] we have to be good international citizens in the cyber arena.
Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), said that roughly 300,000 hactivists related to the Russia-Ukraine conflict have been identified so far, and added that the extent of cyber vigilantism has taken [government] by surprise.
There is an extreme unpredictability associated with these exploits that make it difficult to attribute, contain and stop them, she said. Hactivism can also impact regular citizens quite significantly, due to spillover onto non-primary targets (such as with the Viasat campaign) and breaches on public tools like Google Maps, impeding peoples ability to travel and infiltrating personal location data.
Some hactivists do not act alone and have the advantage of an organisation behind them, making them even more of a threat. Perhaps the best-known is Anonymous, the pro-Ukraine collective that has vowed to keep attacking Russia until its aggression stops. The groups actions have caused Russia to become the most hacked country in the world in 2022 so far, with breaches affecting 3.5 million people, according to research from virtual private network (VPN) provider Surfshark.
But hactivist collectives exist on both sides. Conti, a group of pro-Russia ransomware cyber criminals, have now restyled themselves as political activists, said Jonathan Hope, senior technology evangelist at cyber security firm Sophos, who spoke in another session at CyberUK on ransomware.
Vigilantes can be more ruthless and chaotic than other cyber criminals, he noted, as they destroy data for the sake of it rather than for financial gain, meaning victims are less likely to get their information back. Theyre hacking for Mother Russia with no checks, controls or balances, Hope said. Its a tool, a weapon to destroy data.
The rise in such sporadic hacking makes it ever more important that governments secure and stress-test their critical national infrastructure, said Juhan Lepassaar, executive director of the European Union Agency for Cyber Security.
He said that the UK has done great work in securing its telecoms sector, and other industries and countries need to follow suit. It pays off to build a framework where you stress-test the most critical sectors in society. [The sectors should be] incentivised to do it themselves.
There was consensus that both organisations and individuals need to be encouraged to undertake basic steps in cyber security. Joyce said that attitudes are changing, albeit a little late intelligence agencies have focused on counter-insurgency and terrorism for the past two decades, he said, which has caused cyber defence to fall by the wayside.
Weve not been investing in IT and now China is threatening those systems, he said. We will now do the things that we should have done ten or 20 years ago. The narrative has shifted.
Moving the onus of cyber security from response to prevention is key, added Lepassaar. In fact, Ukraines thorough preparations are what has helped the country stay online despite multiple setbacks and has even enabled them to host press conferences in besieged cities, he said. There has been a good deal of resilience from the Ukrainian state around maintaining connectivity. [This shows] the value of building partnerships early on and making sure you build distributed systems that are difficult to take down and attack.
Sign up for The New Statesmans newsletters Tick the boxes of the newsletters you would like to receive. Morning Call Quick and essential guide to domestic and global politics from the New Statesman's politics team. World Review The New Statesmans global affairs newsletter, every Monday and Friday. The New Statesman Daily The best of the New Statesman, delivered to your inbox every weekday morning. Green Times The New Statesmans weekly environment email on the politics, business and culture of the climate and nature crises - in your inbox every Thursday. This Week in Business A handy, three-minute glance at the week ahead in companies, markets, regulation and investment, landing in your inbox every Monday morning. The Culture Edit Our weekly culture newsletter from books and art to pop culture and memes sent every Friday. Weekly Highlights A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. Ideas and Letters A newsletter showcasing the finest writing from the ideas section and the NS archive, covering political ideas, philosophy, criticism and intellectual history - sent every Wednesday. Events and Offers Sign up to receive information regarding NS events, subscription offers & product updates.
Here is the original post:
NSA's Rob Joyce: Even the good hactivists are problematic - The New Statesman