Generally, most cyberattacks are designed to steal money, data, or both, but sometimes other psychological or political motives are involved.
Remember the 2016 US presidential election when Russia was accused of engaging in a hacking and disinformation campaign to sow chaos and benefit then-candidate Donald Trump?
Ukraine has been a more regular target of such attacks than Russia, part of what government officials and intelligence analysts say is an ongoing attempt to undermine Ukrainians' confidence in the government in Kyiv.
An attack that never stops
The latest round of these attacks, which began on February 15, involved a distributed denial-of-service (DDoS) attack, in which hackers overwhelm a website or server with heavy, unimportant Internet traffic to disrupt service, preventing real users from to get it.
US and British officials say the GRU was behind the attack, which targeted Ukrainian banks and government agencies.
While the impact of the "DDoS" attack was relatively modest, the attackers followed it up by sending fake text messages claiming that the country's ATMs were not working, which called for messages of reassurance to citizens about the safety of their money, and that the ATMs were in fact operating without problems.
The fake messages have had a double effect, says Sandra Joyce, head of global intelligence at cybersecurity firm Mandiant.
(1) The first was directing consumers to the websites of banks, which helped keep DDoS attacks going (DDoS attacks rely on constant waves of traffic to keep targets offline).
The second, and perhaps most important, was "increasing fear and doubt about the ability of the Ukrainian government to protect itself".
In fact, this was not the first time that Russia had been accused of using malicious cyber activity as a psychological weapon against Ukraine before.
For example, the January 14 attack affected government websites, which were defaced with a false message that the personal data of Ukrainians had been hacked, the Ukrainian Security Service reported that initial evidence pointed to the involvement of Russian intelligence, and a senior Ukrainian official said the campaign was carefully planned. And it has clear goals. “It was intended to spread chaos, harm the work of some government agencies and destabilize them,” said Mikhailo Fedorov, Ukraine's minister of digital transformation.
Similarly, Russian hackers have been accused of cutting electricity to parts of Ukraine in 2015 and 2016 and attacking election electronic systems in 2014, attacks that a senior Ukrainian security official said were “intended to distort results” (3).
These moves have been interpreted as a test of broader operations, possibly against other countries. “Cyber-attacks can be costly to organizations, but their real goal is awareness (meaning awareness of the attacking party's strength)," Joyce wrote in Mandiant. leading to psychological instability)", she added, "The purpose of these cyber-attacks is not just to wipe hard drives or turn off the lights, but to frighten those who can't help but notice."
But in addition to all of the above, the collateral damage caused by the wave of cyber-attacks targeting Ukrainian government websites may be greater and more significant than everyone thinks, and may reach the point of disrupting shipping lines and global logistics companies, and may reignite the worst chaos in the global supply chain. Those that happened last year.
The supply chain is defined as a system of institutions, technologies, activities, information, and resources required to move products or services from suppliers to customers around the world. car) after the final customer receives it.
This supply system includes an intertwined series of movements and operations that depend on each other, and take place daily around the clock, and the problem is that disrupting one link in that chain can stop the entire process, whether it is a failure in a ship that ran aground across the Egyptian Suez Canal, or a cyber attack in a European country (4).
It is not an exaggeration at all here.
A major disruption today in shipping lines, truck fleets and delivery companies is likely to have devastating consequences.
In a worst-case scenario, the current backlog at ports could continue unabated until the end of the year and will intensify again as the holiday shopping season again stresses supply chains, driving up freight costs and thus exacerbating inflation.
Among the victims of similar operations in 2021 were Maersk, the largest shipping line in the world, and TNT Express, a subsidiary of FedEx in Europe.
The attack completely shut down Maersk's computer networks for two weeks, leaving the world's largest fleet of container ships unable to accept new bookings, and halting activity at 17 ports controlled by Maersk.
Maersk estimates that the paralysis caused $300 million in economic damage (5).
Similarly, FedEx lost $400 million when the virus infected TNT Express computers and paralyzed its European shipments.
But security officials are now also concerned about Russian hackers directly targeting key US and European companies in retaliation for economic sanctions, as such an attack could cripple global supply chains still recovering from the chaos of 2021. Ports and warehouses need months to clear the massive backlog before That demand for shipping rises again in September ahead of the 2022 holiday season, and any disruption now could bring those efforts to a halt, leaving the world facing the same high prices and shipping delays once again.
“Over the past two weeks, we've seen a number of warnings from the US and UK that the threat of cyber attacks has increased, so there is a very real fear of infrastructure being targeted,” says Las Jensen, CEO of shipping consultancy Vespucci Maritime. About the attack on Maersk: “It had no real impact on supply chains at the time, because there was a lot of spare capacity in the global system to replace it. However, there is currently no redundant capacity in container shipping, so a similar cyber attack now could potentially lead It has a devastating impact on global supply chains.”
However, while many analysts have warned of the effects that the war in the Black Sea could have on oil prices, Jensen noted that it is unlikely to have a significant impact on container freight rates: “We are in an unusual situation, where he doesn't care Any shipper with oil prices, because freight rates are very high.” He explained, “In the past, when carriers had to implement a sudden increase of $ 200 due to high oil prices, it caused outrage, but today this kind of increase means nothing.” .
Well, if cyber warfare is going to have such devastating consequences, will the West, whose consequences will surely last, stand idly by?
The answer is an explicit no, but what can be done?
Fighting fire with fire
In the past years, the United States, NATO, and Europe have adapted their security policies to be able to respond to cyberattacks from Russia, China, and others, but this approach has so far failed to deter or prevent adversaries from attacking on an almost daily basis.
The first is sanctions, and the United States and the European Union have begun imposing sanctions on hackers in Russia, China, and North Korea, in an effort to discourage state-backed groups from attacking Western infrastructure.
Experts now say sanctions should be imposed on people who commit cyber-attacks on Ukraine, as part of a broader effort to get Moscow to pull back from Ukraine's border, asserts Helle Terma-Klar, a former Estonian ambassador for cyber diplomacy who now leads the Institute for Digital Society at the European School of Management and Technology (ESMT) based in Berlin.
(7) But the sanctions did not dissuade Russia, why not fight fire with fire?
Debates have been going on for years about whether to respond to cyberattacks with similar attacks.
There have been a few publicly reported cases in which the West responded with an attack, in part because the response could escalate the online conflict with Russia, while many countries are not confident they can win.
But countries have also begun to open up more to hacking, and the most obvious case is the US Cyber Command, part of the US military, which ousted the St. Petersburg-based Russian Internet Research Agency in 2018 to prevent it from spreading misinformation about the midterm elections, officials previously told the New York newspaper. Times".
There are reports of US cyber actions against North Korea, as well as traditional cyber espionage by European countries such as the Netherlands to gain intelligence on the operations of Russia and other countries.
For its part, NATO has reiterated in recent years that it can respond to cyberattacks on member states with its own actions, online or otherwise. An attack on an ally is an attack on all.
As NATO emphasized in another statement: "We must work together more closely than ever and benefit from our unique network of allies, partner countries and organizations."
The countries of the world today realize that a single country will not be able to secure the chaotic cyberspace, and the only solution remains in a collective action that can protect the world from the evils of chaos coming from the world of the Internet.
The Ukraine Cyber Crisis: We Should Prepare, But Not Panic
Recent Hacks in Ukraine Meant to 'Spread Chaos,' Minister Says
Valentin Petrov: The Russian secret services are behind cyber-attacks against Ukraine
Why war in Ukraine could be catastrophic for container shipping
Shipping company Maersk says June cyberattack could cost it up to $300 million
One Year After NotPetya Cyberattack, Firms Wrestle With Recovery Costs
Ukraine is getting pummeled with cyberattacks.
What's the West to do?
NATO will defend itself