Blavatnik’s Interdisciplinary Cyber Research Center in Tel Aviv reported that in the month leading to the Russian invasion into Ukraine, escalating tensions were accompanied by cyberattacks that aimed to disrupt government and financial services. On February 3rd, the Security Service of Ukraine (SBU) announced that it had detected over 25,000 critical information security incidents, including 121 cyberattacks on governmental information systems. On February 15th, the State Service of Special Communications and Information Protection of Ukraine announced that the websites of the Ukrainian army, the defense, foreign and culture ministries and state-owned banks Privatbank and Sberbank were knocked offline by DDoS cyberattacks. The US and the UK blamed the Russian military intelligence (GRU) for the attacks.
Against this backdrop, Western countries attempted to supply Ukraine with technical assistance. At the beginning of the month, the US Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, held a series of meetings with European senior officials to coordinate provisions of cyber security assistance to Ukraine. American Officials said NATO had been working to enhance cyber resilience of government agencies in Ukraine and provided incident response capacities. On February 22nd, six EU countries – Lithuania, Croatia, Poland, Estonia, Romania and the Netherlands – deployed the newly formed Cyber Rapid-Response Team (CRRT) to help Ukrainian institutions to cope with Russian cyberattacks.
Moreover, European and allied states have warned that businesses and service providers may be targeted as part of a Russian cyber retaliation on sanctions and assistance to Ukraine. Banks across Europe have been warned against possible Russian-sponsored cyberattacks amid the escalating tension. The Polish Government’s Center for Security (GCS) has announced a heightened level of alert and guided security services and public administration agencies to conduct increased monitoring of their ICT systems. On February 22nd, the British defense secretary, Ben Wallace, stated that the UK may launch cyberattacks on Russia if it targets the UK’s computer networks.
Hours before the Russian invasion into Ukraine, Ukrainian government websites were knocked down by Denial of Service (DDoS) attacks. Western security firms identified a destructive malware dubbed as ‘HermeticWiper’ which had deleted data on hundreds of machines belonging to the Ukrainian government and its contractors in Lithuania and Latvia.
Following the invasion, international hacking collectives, such as Anonymous, declared their support of Ukraine and announced that they had hacked and leaked data that belongs the Russian ministry of defense. On February 26th, Russian officials reported that the Official websites of the Kremlin and of Russian president, Vladimir Putin, were taken down following DDoS attacks.