Background - 17.03.2022 - 00:00 

Cyber-Security and the Russia-Ukraine War

Since Russia invaded the borders of Ukraine on 24 February 2022, there has also been an increase of cyber-attacks originating from Russia effecting the region. To understand the topic more clearly, we spoke to Professor Aikaterini Mitrokotsa, full professor for Cyber Security at the University of St.Gallen.

17 March 2022.

Professor Mitrokotsa, we have seen over the past weeks tanks and soldiers engaging in warfare in the Ukraine. But experts are also stating that this war will also be fought virtually, can you clarify this?

We are all very saddened by Russia's physical invasion of Ukraine. In addition to the military conflict, we have also seen an increase of cyber-attacks and hacking that is becoming not only an important aspect to this conflict but most likely will become a major component to future wars and conflicts as well.

Did Russian and Ukrainian cyber-attacks start with the invasion on 24 February 2022?

The cyber conflict between Ukraine and Russia has been active for a long time. There has been a multitude of attacks starting from the collapse of the Soviet Union and intensifying after the Russian invasion of Crimea in 2014. Among some of these cyber-attacks include: the Ukraine power grid hack at Christmas 2015, and again in 2016, paralysis of the State Treasury of Ukraine in December 2016, a Mass hacker supply-chain attack in June 2017 and attacks on Ukrainian government websites in January 2022.

The Ukrainian government has already been hit recently with a series of digital attacks ranging from hacks that deleted data from computers to those that overwhelmed computer networks with digital traffic (Denial of Service attacks).

Is there any way that we can understand why these attacks are taking place? Is there a way to categorise or understand them?

The main cyberattacks in the war against Ukraine could be categorised into different groups: attacks aimed at collecting information; attacks that may attempt to undermine Ukrainian military operations; and attacks aimed at psychologically affecting the Ukrainian public in general. The latter has been the major concern, since currently the cyber-attacks against Ukraine focus on misinformation and spreading fear.

How can cyber-attacks be aimed at the general population of Ukraine?

For instance, it has been disclosed that major social media companies (e.g., Facebook, Twitter etc.) have discovered hackers taking over accounts belonging to Ukrainian military officials and public figures. The hackers try to use these compromised accounts to spread disinformation and post videos to show the Ukrainian military surrendering.

On the other side, Ukraine sympathizers i.e. Hacktivists known as Anonymous, have hacked Russian TV stations to display pro-Ukraine content and even disabled and defaced Russian electric vehicle chargers with anti-Putin messages.

The cyber-attacks against Ukraine have been fairly mild so far, is there concern that this could change?

Yes. Currently a major concern not only for Ukraine but the global community is if Russia launches more severe cyberattacks and is able to release a computer bug inside Ukraine. If they are able to do this, it could have a cascading effect and subsequently affect other countries and possibly could paralyze digital communications the world over. This has happened in the not-so-distant past. For example, the NotPetya bug in 2017 targeted a popular piece of Ukrainian accounting software, but spread beyond Ukraine and something similar is a concern as this conflict deepens.

Prof. Dr. Aikaterini Mitrokotsa is full professor for Cyber Security in the School of Computer Science at the University of St.Gallen.

Image: Adobe Stock / Oleksii

Discover our special topics