The Defense One website stated that Biden's remarks came hours after Russian forces invaded Ukraine and Russian hackers used DoS attacks to disrupt Ukrainian government and financial websites.
It is unclear what the US response to Russian cyberattacks might entail, but through a tweet last Thursday, White House Press Secretary Jen Psaki denied a report saying that President Biden was offered several options to carry out major cyberattacks against Russia. According to the report, options included cutting off internet access across Russia, cutting off electrical power and disrupting Russian railway traffic.
On Friday, the day immediately following these statements, six Russian government websites, including those of the Kremlin and the Ministry of Defense, were down for several hours and could not be reached, after reports of cyberattacks on various state media and the Russian government.
The exact reasons for the outage were not clear, but the international hacking group Anonymous claimed to have carried out the attacks, and some Russian government websites remained down on Saturday, as the country's invasion of Ukraine entered its third day.
The group said in a tweet: "Anonymous operations continue to keep Russian government websites down while broadcasting information to the Russian people to break free from Putin's government propaganda machine."
This also happened after the government of Ukraine, in a post, solicited volunteers from the country's underground hackers to help protect critical infrastructure and conduct cyberespionage missions against Russian forces, according to two people involved in the project.
The post said: "Ukrainian cyber community! It's time to in cyber defense of our country," and asked hackers and cybersecurity experts to submit their specialties, such as malware development.
Egor Aushev, co-founder of a cybersecurity firm in Kiev, told Reuters he wrote the post at the request of a senior defense ministry official.
The Jerusalem Post quoted Aushev as saying that his volunteer assault unit would help the Ukrainian army conduct digital espionage operations against the invading Russian forces.
Researchers at the cybersecurity company ESET confirmed that a destructive program was recently found spreading in Ukraine, where it disabled hundreds of computers, and suspicion turned to Russia. Reuters reported earlier that the victims included government agencies and a financial institution.
The Washington Post reported that a Ukrainian security official confirmed earlier this month that the country does not have a dedicated military cyber force: "Our task is to create it this year."
Ukrainian cities have also suffered from an ongoing campaign of cyberattacks, and the BBC reported that several websites of banks and government departments in Ukraine were destroyed last Wednesday.
The incident followed a similar attack a week earlier, in which about 70 Ukrainian government websites crashed and for which Ukraine and the United States blamed Russia.
A report by The Conversation indicates that with a large-scale invasion, Ukraine can expect more cyberattacks, which can cripple infrastructure and affect water, electricity and telecommunications services, further weakening Ukraine in its attempt to confront Russian military aggression.
Cyberattacks fall into traditional attack categories such as sabotage, espionage, and destruction. They can be executed more quickly than attacks with conventional weapons, and largely overcome barriers of time and distance. Launching them is relatively cheap and simple, but defending against them becomes increasingly expensive and difficult.
The site says that these attacks are usually coordinated by the Russian Main Intelligence Directorate (GRU), and involve the use of custom malware to target the hardware and software that support the target country's systems and infrastructure.
Among the recent attacks on Ukraine is a distributed denial-of-service (DDoS) attack. According to Ukraine's Minister for Digital Transformation, Mykhailo Fedorov, many Ukrainian government and banking websites have been paralyzed as a result. DDoS attacks use bots to overwhelm an online service, causing it to crash and denying access to legitimate users.
On February 15, the Ukrainian Cyber Police said that citizens were receiving fake text messages claiming that ATMs had stopped working (although this was not confirmed), and many citizens rushed to withdraw money, causing panic and paranoia.
In December 2015, the GRU targeted the networks of industrial control systems in Ukraine with destructive malware, and this caused a power outage in the western Ivano-Frankivsk region, leaving about 700,000 homes without electricity for six hours.
This happened again in December 2016, when Russia developed a custom malware called CrashOverride to target Ukraine's power grid, and an estimated one-fifth of Kiev's total power was knocked out for about an hour.
U.S. officials indicted six Russian GRU officers in 2020 for spreading the NotPetya ransomware, which affected computer networks around the world, targeted hospitals and medical facilities in the United States, and cost more than $1 billion in losses.
NotPetya has also been used against Ukrainian government ministries, banks and energy companies, among other victims, and has been described by the US Department of Justice as "some of the most destructive malware in the world to date".
Another Russian-sponsored attack that began in January 2021 targeted Microsoft Exchange servers. The attack gave hackers access to email accounts and associated networks around the world, including Ukraine, the United States, and Australia.
Ukraine is facing serious risks at the moment. A major cyberattack could disrupt basic services and further undermine national security and sovereignty.
Six EU countries (Lithuania, the Netherlands, Poland, Estonia, Romania and Croatia) have sent cybersecurity experts to help Ukraine deal with these threats, and Australia has also said it will provide cybersecurity training for Ukrainian officials.
In conventional warfare, the enemy is usually direct and known, but in cyberspace it is much more complicated. Identifying the culprit can be time consuming and expensive.
The "zombie" computer: infiltrating enemy sites without revealing the real culprit
Deniability can usually be maintained because cyberattacks can be launched from another host that is not itself the target. For example, a victim's compromised device (called a "zombie" machine) can be used to continue a series of attacks, so tracking down the perpetrators is difficult.
Fortune says Russia is home to some of the world's most notorious criminal hackers, some of whom operate under state auspices. Will broader cyberattacks follow a military invasion? Can they strike the West?
"I think the risk right now is high and growing," said Derek Vadala, chief risk officer at US cyber threat rating firm BitSight, who warned Western companies that they must ensure their systems are protected against known vulnerabilities: "Everyone is on high alert at the moment."
Western governments and agencies are concerned about the potential for cyberattacks on their organisations. The UK's National Cyber Security Centre, a division of Britain's security intelligence agency GCHQ, said UK organizations should "strengthen their online defenses" because "there is a historical pattern of cyberattacks on Ukraine with international consequences," referring to the "NotPetya" ransomware attack that targeted Ukrainian companies and institutions in 2017 before causing chaos around the world.
The US Department of Homeland Security has also launched a "Prevent" campaign to protect critical infrastructure from Russian actions, warning companies that they are at risk, and the FBI and Department of Homeland Security have previously accused "Russian government cyber actors" of targeting the American energy, water and nuclear sectors, among others.
NATO declared that any cyberattack on one of its members is equivalent to an armed attack!
For the past 15 years, NATO has asserted that a cyberattack on one of its members can be tantamount to an armed attack, and last year, NATO appeared to broaden its definition of the type of cyberattack that merits a collective response, in a statement stating that "the impact of massive accumulated malicious cyber activities could, under certain circumstances, be considered an armed attack."
A CNN report indicates that Russia has previously been repeatedly accused of online disinformation campaigns targeting the United States, in particular efforts to interfere in US elections and sow discord, and this week US officials accused Russian intelligence of spreading disinformation about Ukraine.
Across the world, analysts say, companies that do business with Ukrainian organizations or institutions need to be careful, "because connections to Ukrainian systems may be used as a focal point for other goals," and as the conflict in Ukraine escalates, "all actors involved on American soil that directly aid the Ukrainian military machine... become fair game for the Russians."
The UK's National Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency, together with the FBI and the National Security Agency, have issued warnings of the discovery of a new form of malware for network devices used by the Sandworm group. It is a group linked to some of the most destructive cyberattacks in history and is believed to be part of Russia's military intelligence agency, the GRU.
Wired says it is still not clear whether the Russian Sandworm hacker group is hacking network devices for espionage purposes, building its network of hacked devices to use as communications infrastructure for future operations, or targeting networks with disruptive cyberattacks, according to Joe Slowik, a security researcher at Gigamon and longtime tracker of the Sandworm group.