The latest cyber attacks in Ukraine aim to destabilize the state.
A new target
Most cyberattacks aim to steal money, data, or both. But there can be destructive, psychological, or political motives. Remember how Russia used hacking and disinformation to destabilize the 2016 US presidential election and help then-candidate Donald Trump?
Russia has increasingly targeted Ukraine, officials and analysts say in an effort to undermine Ukrainians’ faith in the Kyiv government.
A distributed denial-of-service attack, or DDoS, occurs when hackers overwhelm a website or server with junk internet traffic to disrupt service. American and British officials say the attack targeted banks and Ukrainian government agencies.
The DDoS attack had a minor impact, but the attackers followed up by sending fake text messages claiming ATMs were broken. Throughout the episode, bank customers posted on social media to reassure Ukrainians that ATMs still worked.
The fake texts had two effects, according to Sandra Joyce of cybersecurity firm Mandiant. Assisting in the ongoing DDoS attacks was the first. (DDoS attacks use steady traffic waves to keep targets offline.)
But perhaps more importantly, “increasing fear and uncertainty about ‘Can the Ukrainian government protect itself?’” Joyce said last week on an Aspen Institute panel.
Russia has been accused of using malicious cyber activity against Ukraine in the past. (Kremlin denials of involvement in cyberattacks.)
With personal data of Ukrainians hacked and warnings to “be afraid and expect the worst,” a cyberattack on Jan. 14 targeted government websites.
An official from Ukraine’s Security Service said the campaign was well-planned and had clear goals.
It was meant to “spread chaos” and “damage and destabilize certain government agencies,” said Ukraine’s digital transformation minister, Mykhailo Fedorov.
Russian hackers allegedly knocked out electricity in parts of Ukraine in 2015 and 2016, and attacked election systems in 2014, allegedly “to skew the results.”
A larger operation, possibly against other countries, was interpreted as a test.
“Cyberattacks can be costly for organizations and frightening to some, but their real target is our perceptions,” Joyce wrote on Mandiant’s blog on Feb. 15. These cyberattacks are meant to scare those who can’t help but notice.
In an interview with a colleague, Joyce, an active Air Force reservist, said that the casualties from a land war would be far more serious than any cyber-related moves by Russia.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.