As global tensions continue to mount in the wake of Russia’s military invasion of Ukraine, some are concerned that the conflict could spread into a full-blown cyberwar. Russian cyberattacks on Ukraine have intensified in recent weeks, with various government and banking systems being targeted. Cybersecurity firm ESET has just announced the discovery of new “wiper” malware that is specifically targeting Ukrainian organizations. This software erases data from infected systems, which could cause massive damage if it spreads further.
The possibility of a global cyberwar is very real, and governments on both sides of the Atlantic are taking it very seriously. It’s time for the international community to come together and put an end to Russia’s aggressive behavior before it causes any more damage.
What is a Cyberattack?
A cyber assault is a criminal attack utilizing one or more computers against a single computer or network of systems. The objective of a cyber attack could be anything from vandalizing websites, stealing or corrupting data, to causing physical damage to systems.
In the first three days of conflict, Ukraine’s government and military sectors were targeted by a staggering 196% more computer assaults. Russian businesses have endured four times as many cyber assaults lately as they had in August.
The share of phishing emails in East Slavic languages, including Ukrainian, increased sevenfold, with a third of those dangerous phishing emails being sent from Ukrainian email addresses to Russian receivers.
Ukraine has been dealing with Russian cyberattacks for years now, but this latest round is by far the most serious. In December 2015, Ukraine’s power grid was hit with a massive cyberattack that left 230,000 people without electricity. And in March 2017, Russia was blamed for a ransomware attack that crippled Ukrainian businesses. These attacks illustrate just how dangerous Russia can be when it comes to cyber-warfare.
Types of Cyberattacks
Cyber attacks are carried out in a variety of ways. Cybercriminals employ a variety of methods to launch a cyberattack, including phishing campaigns, exploited credentials, and more. From this initial access, cybercriminals may proceed to accomplish various goals, including malware infections, ransomware distribution, denial-of-service attacks, data theft, and other activities.
There are different types of cyberattacks, but some of the most common are:
- Malware: This is a type of software that is designed to damage or disable computers.
- Ransomware: This is a type of malware that puts a person’s personal data at risk unless they pay a ransom.
- Phishing: This is when someone uses fraudulent emails or websites to trick people into giving them sensitive information.
What is a Cyber Attack Spillover?
A cyber attack ‘spillover’ is when a country’s cyber attacks unintentionally affect another country. This can happen in a number of ways, such as:
- A malicious actor targets a company in one country but the company has servers in another country. The servers in the second country are then also affected by the attack.
- An attacker targets a government agency in one country and the agency’s systems are connected to systems in other countries. The other countries’ systems are then also affected by the attack.
- A cybercriminal uses social engineering to trick someone in one country into clicking on a link that installs malware. The malware then spreads to other computers in that person’s network, which might be located in other countries.
What Can The West Do To Keep Cyber Attack ‘Spillover’
The global cyberattack spillover is a real and rising threat. The US, NATO, and the EU must work together to develop better defenses against Russian state-sponsored attacks. We also need to create consequences for these types of attacks.
The United States and its NATO partners can assist Ukraine’s cyber warriors in the following ways: Backdoors and malware could be installed on Russia’s military and political command, control, and intelligence units, which may be activated during a Russian attack. Compromising and installing covert bots within Russia-specific social media platforms such as VKontakte so that the Russian government is aware that tit-for-tat retaliatory social influence campaigns are feasible and could be implemented.
Governments and businesses in the United States and Western democracies must step up their game, delivering timely warnings and threat intelligence, as well as encouraging enterprises to patch all known vulnerabilities as quickly as possible.
We also need to increase the costs for Russia of conducting cyber operations against Ukraine and NATO member states. One way to do this is by destroying a significant portion of Russia’s internet infrastructure—routers, switches, and fiber optic cables—in response to a major Russian cyber attack. This would severely degrade Russia’s ability to communicate internally and conduct business internationally. Additionally, it would send a powerful message that such attacks have real-world consequences.
A Cyber Attack is Preventable
While a global cyberwar is certainly a possibility, it’s not inevitable. With the right preparation and response, we can prevent Russia—or any other country—from successfully pulling off a large-scale attack.
Here are some ways you can protect your organization from a cyberattack:
- Understand your risks. Perform a comprehensive assessment of your networks and data to identify vulnerabilities.
- Implement security controls. Put in place the people, processes, and technology needed to secure your systems.
- Educate employees. Train employees on cybersecurity best practices and make sure they know what to do in the event of an attack.
- Have a plan. Develop an incident response plan so you know what to do if an attack does occur.
By taking these steps, you can help keep your organization—and our country—safe from the threat of a global cyberwar.
Whether it’s Ukraine or the United States, cyber assaults are unavoidable. We may prevent them by taking measures to secure our networks and data.