Russian-controlled hackers can disrupt the logistics of the Armed Forces of Ukraine. The results of the hacker war for 2022 and the forecast for this year.
The State Service for Special Communications of Ukraine has published a report that provides detailed data on cyber attacks on Ukraine since the start of Russian aggression. The report lists the number of attacks and the damage that was caused to the country’s infrastructure, as well as forecasts for 2023 and analyzes their possible consequences. Focus read the report carefully to clarify the main points.
What happened on the cyber front in 2022
The goal of Russian cyberattacks was to undermine the Ukrainian infrastructure, misinform and demoralize the population. Among the targets attacked were government sites, energy companies, banks, airports and railways. Some of the attacks led to serious consequences, such as power outages or blocking of payment systems.
The largest attacks began even before the February 24, 2022 invasion. They were supposed to carry out sabotage missions. For example, on January 14 last year, more than 70 websites of central and regional authorities were attacked. After 2 days, a DDoS attack began on government websites and the websites of many banks in Ukraine, which lasted more than 5 hours; on February 23, a cyber attack occurred on the website of the National Bank of Ukraine. And just last year, the SBU, as well as the cyber structures of Ukraine, neutralized 4.5 thousand hacker attacks.
The main tools of attacks by Russian hackers on Ukraine
Photo: State Special Communications Service of Ukraine
But Ukrainian cybersecurity experts quickly repaired damaged systems, prevented new attacks, and actively counterattacked Russian targets online. Ukraine also received assistance from its Western partners. They provided Ukrainian specialists with equipment, software and provided training.
The report of the State Service for Special Communications notes that the Ukrainian society played an important role in this cyberwar. Ukrainians actively disseminated truthful information about the situation in the country through their personal accounts on social networks, supported the Armed Forces of Ukraine and volunteers. Thus, the Ukrainian cyber defense turned out to be strong and flexible enough to cope with Russian cyber aggression.
Which of the hackers is fighting on the side of Russia
With 100% accuracy, no one can confirm the participation of any group in this or that cyber attack on Ukraine, however, experts from the intelligence services name several of the most active hacker groups controlled by the Russian special services.
The structure of pocket Kremlin hacker groups
Photo: State Special Communications Service of Ukraine
Among them are called Sandworm, Fancy Bear and Cozy Bear. These groups are linked to Russian intelligence services such as the GRU and the FSB. However, the most dangerous grouping is Killnet, which appeared as a result of a split in a kind of hacker “brotherhood”, which Focus wrote about earlier in a long article about cyber wars.
Killnet cyberattacks have had serious security implications: they disrupted the NATO humanitarian mission in Turkey and Syria after the earthquake, attacked the Moldovan government and threatened to turn off ventilators in UK hospitals. The Kremlin hackers from Killnet used various methods of cyberattacks, such as interception of data and DDoS, they also “declared war” on the Anonymous community, which attacked Russian sites in support of Ukraine.
Which of the hackers is fighting on the side of Ukraine
The cyber aggression of the Russians is successfully countered by a rather broad coalition of pro-Ukrainian hacker groups. Among them: KelvinSecurity HackingTeam, GhostSec, Belarusian Cyber Partisans, AgainstTheWest and Anonymous. They carry out cyberattacks on Russian web resources and systems, and also protect Ukrainian resources. These groups also use various cyber attack methods such as phishing, password cracking, and malware distribution.
The largest international hacker community Anonymous fights for Ukraine
Photo: Illustrative photo
For example, hackers from Anonymous successfully attacked the website of the Rossiya 24 TV channel and showed a video calling for peace and solidarity with Ukraine. The websites and structures of the FSB were subjected to their attacks. Hackers from the KelvinSecurity HackingTeam attacked the website of the Russian Ministry of Defense and published personal data of the Russian military and government members. GhostSec hackers leaked documents about Russian support for separatists in Donbas, hacked into the website of the Russian Ministry of Foreign Affairs, and claimed responsibility for the attack on the Gysinozerskaya hydroelectric power plant, which led to an emergency shutdown.
Lone hackers and anonymous groups leaked Roskomnadzor databases to journalists, including correspondence and employee data. Ukrainian Cyber Alliance received secret documents on Russian maritime drones, including technical details. Pro-Ukrainian hackers hacked Gazprom’s databases and passed data on the largest gas fields in Russia and more than 6,000 secret files about the company’s activities to intelligence services.
Forecasts regarding cyber attacks on Ukrainian systems
Cybersecurity specialists note that cyberattacks from two sides will continue even with greater regularity than last year. Moreover, according to experts from Microsoft, Russian hackers are preparing a new wave of cyber attacks against Ukraine, including threats in the form of ransomware for organizations serving Ukrainian supply lines. Analysts say that Russia is preparing for a new round of attacks and will combine physical attacks with cyber attacks, as it did in February 2022.
Hayers will actively use file encryptors to disrupt the logistics of the Armed Forces of Ukraine and transport companies
Photo: Illustrative photo
In particular, Russian hackers can attack Ukrainian energy systems, government web resources, video conferencing services and other digital platforms. Experts warn that due to the active development of AI tools, hackers can use Deepfake technologies to discredit Ukrainian politicians and bring confusion to society.
According to experts, Kremlin cybercriminals will attach particular importance to attacks on logistics centers and supply chains of weapons for the Armed Forces of Ukraine from allies. Various transport companies in Ukraine and firms providing logistics services will be subjected to cyberattacks.
Pro-Ukrainian hackers are also actively attacking Russian infrastructure
Photo: DDoS-GUARD
But Ukrainian hackers are not relaxing either. According to Russian IT security experts, Russia will be attacked three times more often this year than a year earlier.
Focus wrote that Russian hackers changed tactics and switched from complex operations to weak but massive strikes.
