Russia and Ukraine: the 3 Russian cyber attacks that the West fears the most
US President Joe Biden has called on private companies and organizations in his country to “close their digital doors,” claiming intelligence reports suggest Russia is planning a cyberattack.
UK cyber authorities also back calls from the White House to “increased cybersecurity precautions”although they have not provided any evidence that Russia is planning such an attack.
Russia has previously stated that such accusations are “Russophobic”.
However, Russia is a cyber superpower with a significant arsenal of cyber tools and hackers capable of disruptive and potentially destructive attacks.
Ukraine has been relatively undisturbed by Russian cyber offensives, but experts now fear that Russia could launch one of these attacks against Ukraine’s allies.
“Biden’s warnings seem plausible, particularly as the West has introduced more sanctions, hackers continue to join the fight, and the kinetic aspects of the invasion are apparently not going according to plan,” notes Jen Ellis of cybersecurity firm Rapid7.
These are the attacks that experts fear the most.
BlackEnergy: targeted attack on critical infrastructure
Ukraine is often described as Russia’s hacking playground, which has carried out attacks there ostensibly to test techniques and tools.
In 2015, Ukraine’s power grid was disrupted by a cyberattack called BlackEnergy, causing a short-term blackout for 80,000 customers of a utility company in western Ukraine.
Almost exactly a year later, another cyberattack known as Industroyer left nearly a fifth of Ukraine’s capital, kyiv, without power for about an hour.
The US and the EU named and held responsible for the attacks Russian military hackers.
“Russia could absolutely try to execute an attack like this against the West as an illustration of its capabilities and to send a signal,” says Marina Krotofil, head of Ukrainian cybersecurity, who helped investigate the power outages.
“However, no cyberattack against a power grid has resulted in a prolonged interruption of power supply,” it says.
“Executing cyberattacks on complex engineering systems reliably is extremely difficult, and achieving prolonged damaging effect is sometimes impossible due to protections.”
Experts such as Krotofil hypothesize that this could also backfire on Russia, as the West is likely to be able to position itself on Russian networks as well.
NotPetya: uncontrollable destruction
NotPetya is believed to be the costliest cyber attack in history and authorities in the US, UK and EU have blamed a group of Russian military hackers.
The destructive software was hidden in an update to popular accounting software used in Ukraine, but spread throughout the world destroying the computer systems of thousands of companies and causing approximately US$10 billion in damage.
A month earlier North Korean hackers were accused of causing a major disruption with a similar attack.
The WannaCry cryptoworm (a type of virus) encrypted data on approximately 300,000 computers in 150 countries.
The UK National Health Service was forced to cancel a large number of medical appointments.
“These kinds of attacks would cause the greatest chance of a mass chaos, economic instability and even loss of life”says Ellis.
“It may sound like a stretch, but critical infrastructure often relies on connected technologies, just like any other part of our modern lives, and we’ve seen the potential for that with the impact of WannaCry on UK hospitals.”
However, Professor Alan Woodward, a computer scientist at the University of Surrey, says such attacks also carry risks for Russia.
“These kinds of uncontrollable hacks are similar to biological warfare in that it’s very difficult to hit specific infrastructure in specific places. WannaCry and NotPetya had victims in Russia as well.”
Colonial Pipeline: Cybercriminal attacks intensify
In May 2021, a state of emergency was declared in several US states after a group of hackers caused the closure of a vital gas pipeline.
The Colonial Pipeline carries 45% of the US East Coast’s supply of gasoline and diesel, and the attack triggered a panic at gas stations.
The cyberattack was not the work of hackers from the Russian government, but by the DarkSide ransomware group, which is believed to be based in Russia.
The pipeline company admitted paying criminals $4.4 million in hard-to-trace bitcoin in exchange for getting computer systems back up and running.
A few weeks later, the meat supply chain was hit when another ransomware group by the name of REvil attacked JBS, the world’s largest beef processor.
One of the biggest fears experts have regarding Russian cyber capabilities is that the Kremlin will urge cybercriminal groups to coordinate attacks on US targets to cause the greatest disruption.
“The benefit of ordering cybercriminals to execute ransomware attacks is the general chaos they can cause. In large enough numbers they can cause serious economic damage,” says Professor Woodward.
“They also add the advantage of being able to deny their involvement, as these groups are cut off from what would be a Russian state attack.”
How can the US respond?
In the highly unlikely event that a NATO country is the target of a cyber attack causing loss of life or massive irreparable damage, this could trigger Article 5, the Alliance’s collective defense clause.
But experts say this would drive NATO into a war it doesn’t want to be in, making any response more likely to come from the US and its close allies.
President Biden has already said his country “stands ready to respond” if Russia launches a major attack on the US.
However, the unprecedented cyber chaos seen in Ukraine in recent weeks from hackers on both sides of the war shows how easily the situation can escalate.
Therefore, any action will be considered with extreme care.
Remember that you can receive notifications from BBC Mundo. Download the new version of our app and activate it so you don’t miss out on our best content.
BBC-NEWS-SRC: https://www.bbc.com/mundo/noticias-60850173, IMPORTING DATE: 2022-03-24 10:50:05