The war in Ukraine has flipped lives upside down, displaced millions of people, and disrupted geopolitical norms – all since 24th February. While the Russian army is using traditional warfare on the ground, cyberwarfare is also being waged online.
The cybersecurity community will be all too familiar with cyberattacks attributed to Russia. Indeed, before Putin sent troops to invade Ukraine, it was estimated that 74% of all ransomware payments went to Russian groups.
Yet the USA and Europe – staunchly on the side of Ukraine – have some of the biggest tech firms and the biggest developer communities in the world.
How do these online superpowers square up? Where does India sit in all of this?
We’re going to explore:
- What the online element of the Ukraine war looks like.
- How the cyberbattles are affecting the world.
- What it means for India’s cybersecurity.
Helping you to see the cyberwar in a global context and understand the implications for the future of the internet.
What does cyberwar look like?
The opening salvo in the online war came the day before Russian soldiers went in. A malware bug called #HermeticWiper attacked a range of government departments, namely:
- The Ministry of Defense;
- The Ministry of Internal Affairs;
- The Security Service of Ukraine;
Plus websites belonging to Ukrainian cabinet ministers.
The malware came hot on the heels of #WhisperGate in January 2022. Microsoft picked up on the bug and has linked it to #HermeticWiper, and although there is no direct evidence of a link to Russia, the timing seems too coincidental to be anything else .
At the same time that Russia is attacking Ukrainian online assets, the number of distributed denial of service (DDoS) attacks against Russia is spiraling. There were as many DDoS attacks against Russian sites in the first 11 days of March as for the whole of February .
The cyberattacks have been against Kremlin sites, the national airline Aeroflot, and one of the biggest lenders in Russia Sberbank. Even the Russian Stock Exchange was brought down for a short time.
Online attacks from both sides are aimed for government sites, the financial sector, and infrastructure. Ukrainians aren’t being attacked on an individual level but they will still need to know what a VPN is to mask their browsing location and keep safe from geo- based cybercrime.
What are the global implications of the cyberwar?
The cyberwar reaches far beyond the periphery of Eastern Europe. Finland has found itself the target of Russian cybercriminals since it has vocalised a new desire to join NATO. Government websites were attacked at the same time airspace was violated in April.
Meanwhile, the FBI announced in March that potential Russian attackers were scanning websites in the energy sector. This could well be a sign that an attack on US infrastructure is imminent – taking the online conflict global.
An interesting development in this cyberwar is the involvement of private companies. Businesses have always been involved in wars, but a lot of the action is more direct this time.
US-based Microsoft is actively working to counter Russian cyberattacks. The tech giant has been tracking hack attempts for years and is actively disrupting bugs like Strontium through legal and technical means.
Another tech behemoth, Amazon is also offering material support for the Ukrainian side in the conflict.
Image source: Twitter
This Tweet from the President and CEO of Amazon.com echoes a lot of tech companies that offered material cybersecurity support in the wake of the invasion. Another example of businesses getting involved in the conflict is Vectra AI, a cybersecurity company offering free services to those vulnerable to attack.
The shift in defense policy from Germany has been one of the striking U-turns the conflict has caused. Yet, on the cyber front, there is a realisation that governments aren’t prepared for cyberwar on this scale.
Indeed, the Australian government has pledged an injection of $9.9 billion over five years to bolster its cyberattack offensive capabilities. When new budgets are delivered across Europe in the coming months, we expect to see more governments targeting this element of war with more spending and education policies designed to generate more skilled workers.
How will the war in Ukraine affect Indian cybersecurity?
India has so far tried to toe a neutral path, as per its non-aligned policy that’s been in play since independence. It’s abstained on vote after vote in the UN Security Council and has refused to condemn Russian actions in Ukraine.
Neutrality isn’t what it once was and hackers and citizen soldiers online don’t care much for foreign policy doctrine. Although no concrete signs yet, a continuation of the current policy could see India enter the crosshairs of Ukrainian cyberattackers.
A much more salient threat is the malware that has been used by both sides. There is real potential that the new wipers and ransomwares that have been let loose could make their way into Indian servers and affect telecommunications, banking, and infrastructure.
No blame has yet been assigned to the February ransomware attack on India’s biggest container port, Jawaharlal Nehru Port Container Terminal (JNPCT), in Mumbai. Whether it was Russian, Ukrainian, or from elsewhere, it’s a clear sign that Indian infrastructure is vulnerable and the potential disruption is massive.
Finally, India needs to be aware of what China is taking away from this online war. There are lessons to be learned and China may come away from the attacks feeling emboldened. India needs to focus on its cyberwar doctrine going forward – building a policy and plan to be able to protect itself and go on the offensive when needed.
Russia and Ukraine – the Indian perspective
India needs to be ready for indirect threats from the current conflict. It’s being played out online and the chances of wipers and worms making their way onto the wider internet are all but guaranteed.
Now is the time to shore up for the future and ensure that India is ready for cyberwar when it reaches here – which it is bound to at some point.
(Devdiscourse’s journalists were not involved in the production of this article. The facts and opinions appearing in the article do not reflect the views of Devdiscourse and Devdiscourse does not claim any responsibility for the same.)