Russian cyber attacks have targeted banks, government websites and ATMs

Date: 2022-09-19

The Russian invasion has entered its sixth month, and alongside it Russia operates in the shadows, using technological resources and cybersoldiers to attack persistently and sustain digital hostilities. After 50 years, the old cold war has become a battle fought in a parallel dimension that the population can neither see nor touch, but whose effects it suffers.

For its part, North Korea has more than 6,000 members led by the Korean Army, carefully selected graduates of the Pyongyang University of Automation. Bureau 121 is North Korea’s cyber warfare agency and the main unit of the Army’s Reconnaissance General Bureau (RGB), which conducts offensive cyber operations, including espionage and financial crimes. The use of surreptitious resources to cyberattack states, markets and the population has become “absolutely fundamental” as part of the advance plans on territories such as Ukraine.

One of the most significant cybersecurity incidents related to Russia’s war against Ukraine was a “multifaceted” attack on satellite provider Viasat’s KA-SAT network on February 24, just an hour before the invasion of Ukraine began. Cyber guerrilla warfare, cyberwarfare and hacktivism are new formats of digital aggression and cyber-intelligence activity.

Attacks are taking place on all fronts: military, political, diplomatic, commercial, critical infrastructure and social networks. Russian attacks have targeted banks, government websites and ATMs. In the case of the latter, the attackers disable them, preventing Ukrainians from accessing their money as they seek to flee. But this is not all: Russia is expanding its digital attack front to the rest of the continent.

In recent months, different industries based in the old continent have also reported suspicious activities. Among them are a water treatment plant and distributor, a beverage bottler and a grocery factory, all concerned about the possible threat of Russian cyberattacks on the OT (Operational Technology) infrastructure that supports the automation of their industrial production and manufacturing processes. They urgently need to map their degree of exposure and build an early defense strategy.

Russia has prepared these actions for years, including through attacks on electrical services and communications systems. The Kremlin’s first attack was in 2015, shutting down the national power grid for six hours; a year later it did it again.

The aggression is ongoing now, with more than 300 documented launches in and around Ukraine since the start of the conflict in February. These attacks led to regional power outages, explosions at an electrical substation, and explosions at a combined heat and power plant, resulting in a loss of heat, water, and electricity for citizens.

Since the beginning of the invasion, many of Ukraine’s closest allies have suffered from Russian cyberattacks, mostly without serious consequences. Poland is Ukraine’s closest neighbor and, due to its close ties and strong financial support to the war-torn country, it has become a popular target for Russian hackers. Cyber attacks in this country began shortly after Russia’s invasion of Ukraine, and in July, a pro-Kremlin hacking group called Killnet wiped out key government websites.

In May, Killnet declared “war” against the United States, the United Kingdom, Germany, Italy, Latvia, Romania, Lithuania, Estonia, and Poland for their support of Ukraine. Estonia has repelled a wave of cyberattacks, which came shortly after its government opted to remove Soviet monuments in an ethnically Russian-majority region.

In early August, Killnet took down the website of the Latvian parliament after lawmakers defined Russia as a “state sponsor of terrorism.” In the same month, Estonia said it had repelled the biggest wave of cyberattacks in more than a decade, launched shortly after the Estonian government decided to remove Soviet-era monuments from the country.

Estonia was subjected to the most extensive cyberattacks it has faced since 2007, with distributed denial of service (DDoS) attempts targeting both public institutions and the private sector. Russian hacking group Killnet claimed responsibility for the attacks, saying on its Telegram account that it had blocked access to more than 200 Estonian state and private institutions. In a DDoS attack, hackers attempt to flood a network with unusually high volumes of data traffic in order to cripple it when it can no longer cope with the scale of data requested.

Likewise, the United States and the rest of the countries that support Ukraine could also be victims of the Russians as a result of the sanctions against the Kremlin. These threats have not yet materialized or at least have not been made visible. Following the 2015 Russian cyberattack on Ukraine’s power grid, Russian malware was found at up to 10 US utilities, including the Wolf Creek nuclear plant.

While the US government may believe it is ready to repel a massive attack, that readiness did not stop the 2021 Colonial Pipeline attack that disrupted fuel supplies to a significant part of the country. The hack shows that even in the last year, a simple phishing scam or an outdated security system leaves the entire country vulnerable to attack.

A group of hackers believed to be affiliated with the Russian government gained access to the computer systems of various US government agencies. In March 2020, SolarWinds delivered upgraded software versions to its customers that included “hacked” code. This code created a backdoor to access systems and information, which the attackers then used to install malware to spy on companies and organizations for months.

A global attack could cause interruptions in electrical services, and a lack of water, heating or access to communications and the Internet. Nations must prepare for cyber warfare and educate the population, which could be the weakest link in the chain.

