This is called “war hybrid “: for a country, and in particular Russia, it is a method of weakening others, by more or less subtle means. There are many levers: popular unrest, interference in elections, party financing, misinformation, pressures economic, cyberattacks… In 2007, it was Estonia that inaugurated this method by suffering a massive cyber attack for more than 20 days. Attacks that had paralyzed many services in this country which was then one of the most connected. The offensive had been orchestrated by the hackers affiliates in the Kremlin at the time, but then it was difficult and risky to assign them. Today, with the current conflict in Ukraine, the use of cyberweapons is accepted and we no longer have to look far to be able to attribute cyberattacks.
Microsoft has just published a report specific to the cyberattacks that the Russian Federation has carried out as part of its hybrid warfare against Ukraine. For Microsoft, it is a question of raising awareness of this militarized cyber-branch which remains silent despite the damage it can cause. Thus, even before the invasion, the researchers of Microsoft detected at least six Kremlin-linked actors. They launched more than 237 operations against Ukraine.
In the chronology, as of March 2021, the hackers in the service of Moscow have intensified attacks on Ukrainian organizations and allies of Ukraine. They then infiltrated deeply and silently into the networks. In mid-2021, these same actors targeted supply chain suppliers in Ukraine and abroad to gain additional access to systems on the territory and in NATO member states. Finally, when Russian troops began to move towards the Ukrainian border, all targets providing intelligence on Ukraine’s military and foreign partnerships were attacked.
On this map, we see that the intensity of the use of the cyber weapon follows that of the offensives on the ground, except in the south of Ukraine where the Russian forces mainly come from Crimea. © Microsoft
The cyber weapon before the artillery fire
On the merits, some destructive attacks have not only degraded the systems of institutions in Ukraine, but also sought to disrupt the population’s access to reliable information and essential services. The idea then remained to shake the confidence of the country’s leaders. Today, these attacks are now synchronized with kinetic military operations by primarily targeting services for civilians. So the 1er March, cyberattacks took place against a radio important in Ukraine. On the same day, the Russian military both announced that it was going to destroy Ukrainian disinformation targets and carried out a strike of missile against the TV tower in Kyiv. Another example, on March 13, the taking of nuclear center by the Russian army was accompanied a few weeks later by data collection at a nuclear security organization.
But there have also been system-destroying attacks. Microsoft counted nearly 40 of them. Some 32% of these directly targeted Ukrainian government organizations. Worse, more than 40% targeted organizations in critical sectors (army, economy, critical networks). In terms of infiltration methods, it is the phishing that was employed as well as the exploitation of unpatched vulnerabilities. The researchers also noticed that hackers also seek to erase their traces with specialized tools.
As cyberattacks follow or precede the amplitude of military actions, hackers should now carry out actions destructive reprisals against countries that decide to provide more military assistance to Ukraine. Currently, Microsoft has already identified operations in NATO member states actively providing political, humanitarian or military to Ukraine.
Ukraine: “The first cyber war in the history of mankind has begun”
In Ukraine, a Russian cyberattack on Monday brought down Ukrtelecom, the leading Internet service provider! Since the start of the conflict, Ukraine has recorded 60 cyberattacks, and that’s the whole world, whether it’s private companies like Microsoft and Oracleor foreign public services that help Ukrainians resist in cyberspace.
Article by Fabrice Auclert, published on
While the Russian army stagnates on the ground, even retreats in certain parts of Ukraine, the country has decided to strike in the ” tunes or rather in the field of telecommunications. The Ukrainian Internet service provider Ukrtelecom has thus been the target of a powerful cyberattack “, announced on Monday the Ukrainian government.
A neutralized attack according to the State Service for Special Communications and Information Protection (SSSCIP) of Ukraine, and considered “the most serious” since the Russian invasion. It’s as if a cyberattack brought down Orange or Free in France, with all the consequences that this can entail for companies and administrations.
Maintain services to the armed forces
NetBlocks, which tracks internet outages around the world in real time, found that Ukrtelecom went offline on Monday morning with an activity rate of 13%. Since the start of the war, the rate had dropped from 100% to 80% due to numerous cyberattacks, but on Monday, this rate therefore fell to its lowest level.
Alp Toker, director of NetBlocks, explained to Forbes that ” the gradual loss of connectivity was a sign that it was not a power or cable outage but of a cyberattack. ” The new attack has deeply reduced Ukraine’s connectivity nationwide, with a duration and prolonged impact. Unlike the string of blackouts and blackouts in the hottest conflict zones, this one has hit the country’s national operator to the core, and it appears to be struggling to mitigate the incident.. »
Number 1 in telephony in Ukraine, Ukrtelecom actually took several hours to restore its services, and according to the SSSCIP, the priority was to “ preserve its network infrastructure and continue to provide services to the Armed Forces of Ukraine and other military formations”. As a result, Ukrtelecom temporarily limited the provision of its services to the majority of private and business users. »
Sixty different cyberattacks
Last week, Ukraine’s Computer Emergency Response Team (CERT) revealed that the country had been subjected to 60 different cyberattacks : eleven had targeted the government and the local authorities, including eight striking the army and the forces of order. Only four had hit telecommunications and other tech companies. According to this organization, the majority of these cyberattacks focused on the collection of information, although at the beginning of the conflict it was also emphasized “wiper” type cyberattacks that simply erase content from targeted devices.
For SSSCIP Chairman Yurii Shchyhol, it is simply ” the first cyberwar in human history “. ” In this war, the entire computer community of the world has united in its reaction against injustice and against the attempts of Russian troops to destroy our country. We do our best to stop the aggressor », he continues, and he reveals that IT giants like Oracle and Microsoft are lending a hand. ” Our main challenge today is victory over the enemy on all battlefields including cyberspace he concludes.
Support an editorial team committed to popularizing science on Patreon!
Our mission ? Return the knowledge accessible to everyone.
We produce our own articles, investigations and reports every day, all on a human scale. Support us in this approach and this ambition.
Subscribe to Futura on Patreon!
Two subscription plans are offered to you with the following advantages:
- ” Futura ad-free »: get guaranteed ad-free access to the entire site for €3.29/month (+VAT).
- ” I participate in the life of Futura »: in addition to access without advertising, take part in the life of our independent media (votes, new content, surveys, etc.) for €6.29/month (+VAT).
Interested in what you just read?