Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Ukraine highlights significance of cyber warfare during international forum

The value of cyber operations in warfare has been highlighted by Ukraine during an international cyber forum held in Kyiv.

user icon Daniel Croft
Fri, 09 Feb 2024
Ukraine highlights significance of cyber warfare during international forum
expand image

The Kyiv International Cyber Resilience Forum 2024 opened on 7 November, inviting industry leaders, cyber experts and government officials from around the world to discuss cyber resilience, with the Russia-Ukraine war being a major topic.

Discussions at the conference highlighted the cyber warfare tactics used by Ukraine in defending itself against Russia, with the Security Service of Ukraine (SBU) head, Illia Vitiuk, saying that the country has had to strike first in the cyber realm to properly defend itself from invading Russia.

“The era of impunity ended when Russia invaded Ukraine, and we have to act proactively — what the US calls ‘defend forward’,” said Vitiuk.

============
============

This strategy of defending forward is reflective of how the US uses cyber warfare, attacking proactively.

“The 2018 Department of Defense Cyber Strategy states the United States will defend forward to disrupt malicious cyber activity at its source, including activity that falls below the level of armed conflict,” wrote the US Cyber Command.

“This means if a device, a network, an organisation, or adversary nation is identified as a threat to US networks and institutions, or is actively attacking them in or through cyber space – it can expect the United States to impose costs in response.”

In the case of Ukraine, this means “targeting adversary cyber capabilities and their underlying infrastructure to prevent threat actors from launching destructive cyber attacks in the first place”.

Ukraine has launched a number of cyber attacks against Russian infrastructure, including the nation’s federal tax service, civil aviation agency and a space research centre.

The country has also faced a barrage of major cyber attacks on its critical infrastructure. According to Vitiuk, Russia has a major edge in cyber warfare, thanks to Russian special services with laboratories and research institutes.

He adds that the nation even has university programs that teach young students cyber offensive tactics.

“Officers of the GRU [Russia’s Main Intelligence Directorate] and FSB [Federal Security Service] assign them topics for research and master’s theses, and we have seen these papers,” he said.

“They study the critical infrastructure not only of Ukraine but also of Europe and other countries. They want to elevate the level and sophistication of destructive attacks and recruit a significant number of cyber professionals to carry them out.”

It’s not just the nation’s government agencies that are launching attacks in light of the war in Ukraine. Russia is a hacking powerhouse, being the country with the third-most hackers in the world.

Russia launched an attack on Ukraine’s largest mobile operator, Kyivstar. The attack occurred on 12 December last year and resulted in Kyivstar’s over 25 million customer base, which is over half the country’s population, being without mobile and home internet services. The outages lasted roughly five days.

Later reports found that the attack on Kyivstar resulted in thousands of the telco’s computers and servers being wiped.

Ukraine quickly took revenge, attacking the Russian internet provider M9com.

”Hackers from the Blackjack group, who are likely related to the SBU [Security Service of Ukraine], hacked the Moscow-based internet service provider M9com and destroyed its servers,” a law enforcement source told Ukrinform.

The source added that the hackers deleted roughly 20 terabytes of data, including M9com’s official website, mail server, cyber protection services, the websites of M9com’s branches and more, the result of which left a large portion of Moscow’s residents without TV or internet.

Cyber Daily has since observed that M9com’s website is back online.

On top of the deleted data, the hackers exfiltrated over 10 gigabytes of data and made them publicly accessible via TOR. The data was stolen from M9com’s client databases and mail server.

According to the source, the attack on M9com was simply a “warm-up attack” and that more would come as part of its “serious revenge for Kyivstar”.

Comments powered by CComment

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.