While it’s clear cyberattacks are playing a role in the ongoing war between Russia and Ukraine, the level of disruption being inflicted by both sides is currently difficult to assess. The most overt attacks appear to have come in the form of two strains of wiper malware, dubbed WhisperGate and HermeticWiper, that are designed to make systems inoperable and were launched shortly before a distributed denial-of-service (DDoS) attack.
Ukraine, with the aid of third parties such as the Anonymous hacking group, may even be giving as good as it’s getting. It’s also been revealed how closely the Federal Security Service (FSB) in Russia works with ransomware gangs such as Conti. The protagonists in this conflict are clearly operating well beyond the borders of both Russia and Ukraine.
In fact, there’s still plenty of concern that this cyberwarfare will inevitably escalate. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) in the U.S. are warning of possible threats to satellite communication networks amid fears that recent attacks on these networks could spread. The Federal Communications Commission (FCC) in the U.S. is also becoming more concerned. It is seeking comment on vulnerabilities threatening the security and integrity of the Border Gateway Protocol (BGP) that drives the global Internet routing system.
Cyberwarfare is, of course, not limited by borders. Cyberespionage is now continuously conducted around the world. A Chinese cybersecurity research firm last year claimed it had detected at least 40 high-level overseas hacker organizations and more than 2,700 advanced cyberattacks against China in the past few years. Only a relatively small percentage of the attacks launched by nation-states might ever be detected. Even when detected, most of them are kept quiet.
However, it may very well turn out that because of the current conflict, many longstanding cybersecurity issues are about to be addressed. Not only are governments around the world looking to better protect essential infrastructure, organizations of all sizes are beefing up their internal security. Those businesses may not be able to stop a sustained targeted attack launched by a nation-state that has extensive cyberwarfare capabilities, but they can reduce the collateral damage that might ensue. The trouble with those types of cyberattacks is that nation-states are not always able to limit the scope of those attacks to a particular geographic region.
Collectively, all these efforts just might help make the Internet a safer place. It’s unfortunate that it may have taken a war to bring that about, but at the very least there is now a deeper appreciation of the cyberwarfare capabilities of nation-states and their allies. Cybersecurity leaders should be able to make a more convincing case for shoring up defenses.
In the meantime, cybersecurity researchers around the world are tracking events as they unfold. Just because cyberattacks appear to be relatively constrained for now, it does not follow that they will stay that way. After all, as the war drags on, frustrations will continue to mount, and even when it does end, the odds are good the current conflict in cyberspace will only become fiercer.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.