The laws of cyber-warfare are being rewritten in Europe. The Russo-Ukrainian War is not limited to the hot conflict at fire zones of the front. It is possible to hear the echoes of war in the cyber world too. In our digital world, data is one of the most valuable assets. Every nation has its own strengths and weaknesses, but those who are able to control and process data go one step further than others.
Cyber wars are not only limited to what we read in the newspapers. The consequences of an attack on a data center can be life-threatening because people may not be able to access vital services. Nowadays, cybersecurity risks even threaten the healthcare industry.
War is bad wherever it happens, but the conflict between Russia and Ukraine occurs in a very important geographical location. Disruptions in communication in this region, which is the center of grain and energy production, will affect Europe and the whole world. And it already does.
For this reason, the Russo-Ukrainian War is also a turning point for cyber wars, both due to the current state of technological development and geopolitical reasons.
Increasing cyber threats in Ukraine
The SSSCIP reported an increase in cyberattacks in the second quarter of this year earlier this month. The national telecommunications company of the nation, Ukrtelecom, was the target of a cyberattack in April that used hacked employee credentials.
Since Russia’s invasion, cyberattacks have been on the rise, but a spike was observed in the second quarter of 2022, when 19 billion events were processed by Ukraine’s national Vulnerability Detection and Cyber Incidents/Cyber Attacks System, according to the cyber agency. The number of cyber events that were reported and investigated rose from 40 to 64.
The number of occurrences in the “malicious code” category increased by 38% compared to the first quarter of the year, indicating a “significant increase” in malicious hacker group activities in spreading malware.
“The main goal of hackers remains cyber-espionage, disruption of the availability of state information services and even destruction of information systems with the help of wipers,” the SSSCIP stated.
Microsoft blocks macros by default, but cybercriminals are adopting new tactics
Compared to the first quarter, the number of important events coming from Russian IP addresses declined by 8.5 times. This has been made possible by security measures set up by electronic communication networks and internet access providers that, according to the SSSCIP, restrict IP addresses used by the Russian Federation.
Since IP addresses may be manipulated, the USA currently has the highest number of occurrences from source IP addresses, but this does not necessarily indicate that the country is the source of attacks.
High-voltage electrical substations in Ukraine were attacked using a new variation of the Industroyer virus in July, which was connected to a 2016 attack on Ukraine by the Russian Sandworm gang.
Additionally, CISA has taken additional measures to safeguard US-based enterprises. In February, it started a campaign called Shields Up to alert domestic institutions to get ready for potential Russian cyber attacks.
US and Ukraine collaborate on cybersecurity measures
The US and Ukraine cybersecurity agencies have inked a contract for closer collaboration on cybersecurity.
A Memorandum of Cooperation (MoC) between the US Cybersecurity and Infrastructure Security Agency (CISA) and the Ukrainian State Service of Special Communications and Information Protection of Ukraine (SSSCIP) was signed, and it was revealed yesterday. According to CISA, it will strengthen the current connection between the two entities.
According to the agreement, the agencies will share knowledge and best practices about cyber events. Oleksandr Potii, the SSSCIP’s vice chairman, said they will also communicate in real-time technical details on critical infrastructure security. The MoC also permits the two organizations to do joint training exercises.
“Cyber threats cross borders and oceans. So we look forward to building on our existing relationship with SSSCIP to share information and collectively build global resilience against cyber threats,” said CISA Director Jen Easterly, calling out Russia for “cyber aggression” in what she said was an unprovoked war.
Europe plays its own part with CRRTs
Not just the US government assists Ukraine in fending off Russian cyber-aggression. The EU also sent a Cyber Rapid Response Team (CRRT) to assist the nation in February. Lithuania served as the team’s leader, and Croatia, Poland, Estonia, Romania, and the Netherlands assisted.
The EU AI Act: Regulating the future of artificial intelligence
“Cyber Rapid Response Teams (CRRTs) will allow the member states to help each other to ensure a higher level of cyber resilience and collectively respond to cyber incidents. CRRTs could be used to assist other member states, EU Institutions, CSDP operations as well as partners. CRRTs will be equipped with a commonly developed deployable cyber toolkits designed to detect, recognise and mitigate cyber threats. Teams would be able to assist with training, vulnerability assessments and other requested support. Cyber Rapid Response Teams would operate by pooling participating member states experts,” the manifestation of Permanent Structured Cooperation (PESCO) stated.
Cyber conflicts and wars might target military-related objectives, but their effects are felt most by the civilians on both sides of the conflict. The fact that the hot spot of the war is Europe once again, the cybersecurity threats push the countries to take serious measures.
