reports cybersecurity
Published on : Dec 27, 2022
As part of Kaspersky’s annual Security Bulletin prediction series, experts analyzed cyberspace activities relating to the Ukrainian crisis, observing their meaning in relation to the current conflict, and their impact on the cybersecurity field. The story of the year, prepared by Kaspersky researchers within annual Kaspersky Security Bulletin, tracks every stage of the armed conflict in Ukraine, the events that have taken place in the cyberspace and how they correlated with on-the-ground operations.
2022 was marked by a 20th century-style military conflict that definitely brought uncertainty to and some serious risks of spreading over the continent. While the broader geopolitical analysis of the conflict in Ukraine and its consequences are best left to experts, a number of cyber-events took place during the conflict that turned to be very significant.
Significant signs and spikes in cyberwarfare in the days and weeks pre-dating military conflict were evident. February 24, 2022 saw a massive wave of pseudo-ransomware and wiper attacks indiscriminately affecting Ukrainian entities. Some were highly sophisticated, but the volume of wiper and ransomware attacks quickly subsided after the initial wave, with a limited number of notable incidents subsequently reported. Ideologically-motivated groups that presented themselves in the original wave of attacks appear to be inactive now.
On February 24, Europeans relying on the ViaSat-owned satellite faced major internet access disruptions. This “cyber-event” started around 4h UTC, less than two hours after the Russian Federation publicly announced the beginning of a “special military operation” in Ukraine. The ViaSat sabotage once again demonstrates cyberattacks are a basic building block for modern armed conflicts and may directly support key milestones in military operations.
As the conflict has evolved, there is no evidence that the cyberattacks were part of coordinated military actions on either side. However, there are some main characteristics that defined the 2022 cyber confrontation:
“From February 24 onwards, we’ve been puzzled with a question. If cyberspace is a true reflection of the conflict in Ukraine, does it represents the pinnacle of a real, modern “cyberwar?” comments Costin Raiu, director of global research & analysis team at Kaspersky. “By going through all the events that followed military operations in cyberspace, we witnessed an absence of coordination between cyber and kinetic means, and in many ways downgraded cyber-offense to a subordinate role. Ransomware attacks observed in the first weeks of the conflict qualify as distractions at best. Kinetic attacks using missiles and unmanned aerial vehicles have once again proven to be a more effective method of targeting infrastructure than cyberattacks. Nevertheless, collateral damage and cyber risks have grown for organizations in nearby countries due to the conflict, requiring advanced defensive measures more than ever.”