13 April 2022. Oilprice.com: ‘The Threat Of Russian Cyberattacks On Western Infrastructure Is Growing’ By Haley Zaremba
- Reports of Russian cyberattacks on Ukrainian infrastructure are mounting.
- German infrastructure has been targeted, as well, with an attack that paralyzed 11GW of power in late February.
- “Conflict in Ukraine presents perhaps the most acute cyber risk U.S. and western corporations have ever faced,” the Harvard Business Review warned.
Back in early February, reports were mounting that Russia was preparing to invade Ukraine. Videos of Russian troops training, working out, and preparing for battle were circulating around the internet, and Vladimir Putin was giving veiled and vague warnings and threats of the impending war. As it became clear that the Russian invasion was no longer a matter of “if,” but rather a matter of “when,” many column inches were dedicated to how the conflict would play out, but few were as prescient as a warning published by the Harvard Business Review less than a week before the invasion came to pass. The column did not predict the atrocities that have unfolded on the ground in Ukraine, but warned of a much more insidious and invisible threat – that of “a new wave of cyber-attacks on Ukrainian and western energy, finance, and communications infrastructure.” Last week, those ominous predictions came to fruition. The Ukrainian government and a major cybersecurity company working with Ukraine announced Tuesday that last week Russian military hackers tried and failed to cripple Ukraine’s energy infrastructure with a malware attack. “The attack was designed to infiltrate computers connected to multiple substations, then delete all files, which would shut that infrastructure down,” NBC News reports.
According to Slovakia-based cybersecurity company ESET, an arm of GRU, the Russian military intelligence agency, had likely been planned for at least two weeks. This cyber military unit, known as Sandworm, had successfully carried out cyberattacks in Ukraine in 2014 and 2015, causing Kyiv residents to lose power on both occasions. Last week’s attack more than likely used an updated version of the same malware, called Industroyer, used in both prior attacks.
“The attack adds to a growing number of efforts by Russia to target crucial Ukrainian infrastructure, some of which have been successful,” the NBC report continues. “Ukraine has faced multiple ‘wiper’ attacks, including ones that have targeted computers in Ukraine’s government, financial institutions and internet service providers.” Ukraine’s victory over this latest attack, and their cyber vigilance in general, is an incredible feat under the current horrific conditions on the ground.
Russian cyberattacks have not been limited to Ukrainian companies and infrastructure, and it is extremely likely that the Kremlin will ramp up cyberattack efforts in the West in response to tightening sanctions, which are helping to drive Russia to a historic debt default. “Conflict in Ukraine presents perhaps the most acute cyber risk U.S. and western corporations have ever faced,” the Harvard Business Review warned back in February. “Russia will not stand by, but will instead respond asymmetrically using its considerable cyber capability.” A cyberattack campaign coming out of Russia could imperil global supply chains and make entire economies vulnerable at a time when economic volatility is already battering consumers with sky-high inflation and costs of living.
Already, Russia has attacked German energy and military infrastructure, paralyzing 11 gigawatts’ worth of German wind turbines and crippling a communication system that is also used for photovoltaic solar power in late February as Russia began its invasion of Ukraine. The impact of that attack was minimal, but it is highly unlikely that it will be the last effort by Russian hackers to hit the West where it hurts. In fact, as Putin feels increasingly backed into a corner as the world unifies to condemn Russia’s violence in Ukraine and to put a chokehold on the Russian economy, desperation will likely lead to increasingly aggressive attempted cyberattacks.
Making the situation even more precarious, Ukraine is now a part of the European Union’s power grid, a merger that was undertaken in record time in order to keep the lights on in Ukraine, which was dependent on Russia’s grid right up until the moment of invasion. While this provides some insurance to the Ukrainian grid, it creates new vulnerabilities for Europe, which stands to absorb collateral damage from any attacks on Ukraine’s energy infrastructure.
By Haley Zaremba for Oilprice.com