The term “cyber war” is continually used in relation to the war in Ukraine: But what really is a cyber war? Is there a danger that Western countries will be dragged into war in the digital field? Experts warn against overuse of the term. Let's measure things as they are.
The word “cyber” comes up quickly when it comes to the war in Ukraine. Everything has a reason for being: the hacker collective Anonymous has declared cyber war on Russia, while one of the largest Russian ransomware groups has declared that it is now fighting digitally for its own country. Even before the war started, there were attacks on Ukraine's infrastructure, including in the form of so-called DDoS and wiper attacks. Even if it is still difficult to say who is behind it, many hackers suspect wiper attacks, which also very specifically affect Ukrainian authorities and government-related companies…
DDoS
So-called DDos attacks are more like ready-made attacks: you can buy or order them on the Internet. Among other things, criminals have hacked computers that do not have security updates or are using outdated versions of operating systems that are no longer supported by Microsoft, due to security gaps that have generally been known for a lifetime. There are an infinite number of these, and most of the time their owners do not know that strangers are using their equipment for their own purposes. To some extent, attackers can control these computers remotely and use them to send malware, or to automatically call certain websites over and over again until the infrastructure collapses and no one can access them.
Wiper or what is the same Windshield Wiper
Before the invasion, the cleanup malware was spreading on numerous Ukrainian systems, especially those of companies as contractual partners of the Ukrainian government, and is quite sophisticated. Wiper means a wipe attack: the corresponding software wipes entire computers and systems so that they can no longer be used.
Data ransom or also called Ransomware
Ransomware groups are cybercriminals that break into computers and systems and encrypt the data they contain. They demand a ransom for the decryption code. Meanwhile, attacks are often combined with blackmail of the companies involved with the threat of publishing their data.
At a press conference organized by the Science Media Center, Matthias Schulze, deputy head of the Security Policy research group at Stiftung Wissenschaft und Politik, said that both the dimensions and background of attacks in the digital space were still difficult to foresee. : » It is still too early to draw conclusions”, “the fog of war” still hangs over many things. War also means that information is more difficult to penetrate and, above all, difficult to verify.
Together with his colleagues, Schulze has already collected around 150 so-called war-related "incidents" and tried to verify them. These include digital attacks of all kinds, from the numerous DDoS attacks on websites on both sides to takedown attacks and the targeted spread of misinformation. “The great cyber war that some feared has not yet occurred,” he said, “but the situation is getting worse.”
However, it is important not to forget that in today's war people are dying from gun violence and infrastructure is much more likely to be destroyed by physical violence than by digital attacks. If there are already troops in the country, it is easier and more obvious to destroy infrastructure with bombs and tanks than with viruses. Security researchers repeatedly point out that so-called cyber-physical attacks are complex and often fail at a stage when they are not even noticed.
In a conflict, the psychological impact of digital attacks and espionage opportunities play a more important role, Schulze emphasizes. He sees a more dangerous dimension in the actions of hacktivists, that is, groups and individuals who are now intervening in the conflict on a digital level: his institute is observing around 30 different hacker groups on both sides of the conflict, including classic criminals. such as ransomware groups, "which attack indiscriminately." At least one of the groups, Conti, has leaked chat stories. Indications that this is in exchange for the Russian secret service FSB. In addition, the Ukrainian government has created a “Ukrainian IT Army” for volunteers, which is coordinated through the Telegram messenger and already has 270.000 members. Volunteer cyber warriors paralyze Russian websites, including those of a large Russian bank and the websites of the government itself.
It is feared that such actions will further escalate the war. A group of suspected Belarusian hacktivists disrupted train service there to disrupt troop movement. It is noted that this already falls within the critical area: the question is how the other party or the other side will interpret it. "Probably a Western-led action by foreign agents." It seems that all this continues.
Do you need to update your website?
Do you need any of our web design services? In IndianWebs We have extensive experience, and a team of programmers and web designers in different specialties, we are capable of offering a wide range of services in the creation of custom web pages. Whatever your project is, we will tackle it.