Is Russia secretly hacking Ukrainian websites?

What’s happening in Eastern Europe?

This situation is still developing, but as of writing Russia has around 120,000 troops stationed on its western border with Ukraine.

This is part of an ongoing power struggle in the region; ever since Russia annexed Crimea (formerly a part of Ukraine) in 2014, relations between the two countries have been strained, to say the least. While Russia claims that the current build-up of troops is purely a defensive measure, Ukraine and many Western governments fear that an invasion may occur in the near future.

And in recent months, more than 70 official Ukrainian websites, run by or affiliated with the government, have been targeted by hackers.

Cyber attacks against Ukraine

The cyber attacks involved the defacing of government websites; visitors to these pages were greeted by a message telling them to “prepare for the worst”.

Soon afterwards, another set of attacks added more threatening messages to other sites. They threatened to expose the data of Ukrainian citizens, and were posted in Russian, Ukrainian, and incoherent Polish.

Of course, Russia has denied any direct involvement with these incidents, but that hasn’t not stopped Ukraine, Poland, and Nato accusing them of encouraging or even instigating the attacks.

Was the Russian government behind the attacks?

Simply put, we don’t know. By their nature, attacks like these are very hard to trace back. However, there are a number of reasons to suspect that the Russian government may have been involved.

For one thing, there is precedent. In 2008, Russia invaded Georgia and used cyber attacks to take Georgian government websites offline. Then, during the 2014 annexation of Crimea, they employed similar tactics to disrupt online communication networks.

There’s also the timing; with Russia in negotiations with Nato over the current tensions, adding additional pressure to Ukraine could be part of their bargaining strategy.

It’s possible, however, that the Russian government did not directly oversee or initiate the attacks. There are several patriotic hacking collectives in Russia which could have acted independently to try and assist the regime.

How did the attacks actually happen?

Ukraine has previously been able to foil many similar attacks. According to their security services, they “neutralized” at least 1,200 cyber incidents in the last year. So how did these recent attacks get through?

This is another area where we don’t know for certain what happened, but can make an educated guess.

The hackers probably used phishing emails — the simplest and often most effective way to launch these kinds of attacks. By pretending to be a trusted sender, they could have contacted employees within Ukraine’s government and tricked them into exposing login details for communication networks and administrative accounts.

Once the hackers had these details, they could launch more targeted spear phishing attacks, working their way through government networks until they could access and deface the targeted web pages.

The growing threat of cyber warfare

These attacks were clearly intended to cause fear and unrest; they were an intimidation tactic, more than anything else. However, they raise the specter of a much greater threat; cyber warfare.

With so much of the world’s essential infrastructure — from power grids to hospitals — now online, a full-blown cyber warfare campaign could be devastating for any country.

Incidents like the recent cyber attacks in Ukraine remind us how dangerous online warfare can be. The battlefields of the future may be digital, but they’ll be no less deadly.

Want to read more like this?

Get the latest news and tips from NordVPN.

Subscribe

Subscribe

You've successfully subscribed to our newsletter!

Email is invalid

Subscribe

We won't spam and you will always be able to unsubscribe.