This content is not available in your region

Is Russia using cyberattacks in the war with Ukraine and could sanctions provoke more of them?

Cyber attacks can disrupt essential services and can undermine national security.
Cyber attacks can disrupt essential services and can undermine national security.   -   Copyright  Canva
By Pascale Davies

As cities in Ukraine come under attack from Russian forces, a digital offensive may also forming part of the invasion and could increase under the threat of sanctions from the West.

On Wednesday, the websites of several Ukrainian banks and government departments - including the foreign, defence and interior ministries - crashed, according to Netblocks.

The Internet watchdog said "the incident appears consistent with recent DDoS attacks," referring to Distributed denial of service (DDoS) which takes a website offline by flooding it with huge amounts of requests until it crashes.

Ukraine has suffered a string of cyberattacks in recent weeks, including so-called wiper attacks which destroy data on machines.

It is realistically possible that these sanctions will result in reprisal from either Russian state-associated cyber threat groups or cybercriminal groups influenced by nationalistic drivers.
Chris Morgan
Senior cyber threat intelligence analyst, Digital Shadows

Ukraine has blamed previous attacks on Russia but Moscow has denied any involvement.

With Russia’s advance on Ukraine and vows of unprecedented international sanctions against Moscow, cyberattacks are likely to increase, according to experts.

"Proposals for US sanctions may include barring US financial institutions from processing transactions from Russian banks, which will have a demonstrable impact on Russian business and nationals," Chris Morgan, a senior cyber threat intelligence analyst at cybersecurity firm Digital Shadows, said in comments to Euronews Next.

"It is realistically possible that these sanctions will result in reprisal from either Russian state-associated cyber threat groups or cybercriminal groups influenced by nationalistic drivers.

"How these groups would retaliate on behalf of Russia is debatable".

European Union leaders agreed on Thursday to impose new economic sanctions on Russia. The full details will be discussed in the coming days.

"We want to cut off Russia’s industry from the technologies desperately needed today to build the future," European Commission President Ursula von der Leyen said following the announcement of fresh sanctions.

EU foreign policy chief Josep Borrell described the measures as "the harshest package of sanctions we have ever implemented".

Ukrainian president Volodymyr Zelenskyy has urged Europe to act more quickly in imposing sanctions on Russia, accusing western allies of politicking as Moscow's forces advanced on Kyiv.

"You still can stop this aggression. You have to act swiftly," he said.

Zelenskyy also said cutting Moscow off from the SWIFT global interbank payments system and an oil embargo should also happen.

Cyber support

Cyberattacks can disrupt essential services such as water supplies and banks and could undermine national security, coming under the categories of espionage, subversion and sabotage.

The European Union, the United Kingdom and Ukraine blamed Russian government hackers for attacks on electricity substations that caused power cuts in 2015 and 2016.

Support for cyberattacks has also been recognised as important to international aid.

After Ukraine called for help to manage the latest cyber attacks, a newly-formed team of eight to 12 experts from EU countries have committed to defending Ukraine.

Known as the cyber rapid response team (CRRT), experts from countries including Croatia, Romania, Estonia, Poland, Lithuania and the Netherlands said they would aid Ukraine remotely and on-site in Ukraine.

Meanwhile, the United States said on Wednesday that it was in touch with Ukrainian authorities about their cybersecurity needs but has not attributed blame to any country for recent incidents.

Morgan said now would be the time to ensure basic cybersecurity practices are adapted, such as ensuring two-factor authentication, securing Internet-facing remote services, taking a risk-based approach to vulnerability management, and regularly patching high-risk vulnerabilities are some such measures.

“These fundamental steps can make a big difference in improving cyber resilience against Russian-aligned threat groups,” he said.