Russia intensifies cyberattacks on Ukraine allies
Russian ‘hacktivists’ are hitting Poland and Nordic and Baltic countries with an arsenal of cyberweapons, analysts say.
Russia’s cyberwar on Ukraine has largely failed and Moscow is increasingly targeting Kyiv’s European allies, according to US and French analysts.
French defence firm Thales said in a report on Wednesday that Russia was hitting Poland and Nordic and Baltic countries with an arsenal of cyberweapons aiming to sow divisions and promote anti-war messages.
“These groups of independent, civilian hacktivists have emerged as a new component in the conflict. They can be assimilated to a cybercriminal group with specific political objectives and interests, acting out of conviction, yet not directly sponsored by any government. Members of such groups have a broad array of origins, technical skills and backgrounds,” Thales said in a statement.
About 60 percent of all cyberattacks reported worldwide were conducted by Russian hackers, the report said.
Microsoft said in a threat assessment earlier this month that Russian actors had launched attacks in at least 17 European countries in the first six weeks of this year.
Russia’s assault on Ukraine began on February 24 last year, but it has not been able to score a decisive victory on the battlefield over its much smaller neighbour.
No ‘game-changing blow’
Thales and Microsoft said Russia’s invasion was accompanied by widespread cyberattacks in Ukraine, but they were repelled.
“Cyberwarfare didn’t deliver the game-changing blow that Russia hoped for,” said Thales’ technical director for cyber defence, Ivan Fontarensky, highlighting the resilience of Ukraine’s defences.
Both firms said Russia shifted focus to other European countries late last year.
“In the third quarter of 2022, Europe was dragged into a high-intensity hybrid cyberwar at a turning point in the conflict,” said Pierre-Yves Jolivet, Thales vice president for cyber solutions.
Jolivet said countries outside Ukraine were suffering a “massive wave” of DDoS attacks – when a server is flooded with requests that crash the network.
These attacks were increasingly carried out by groups aligned with the Kremlin rather than official groups, and they aimed to sow chaos rather than destroy infrastructure, Thales said.
Poland, Latvia and Sweden were among the most affected countries. Montenegro and Moldova – candidates for European integration – were also being targeted.
Microsoft said in its assessment that attacks this year in Europe were largely aimed at government entities for espionage purposes.
Highlighting the global reach of Russian actors, the firm said 21 percent of attacks outside Ukraine since the start of the war had hit the United States.
While attacks outside Ukraine were often low-level harassment, Microsoft said Russia may well choose more damaging cyber tools in the future.
“Should Russia suffer more setbacks on the battlefield, Russian actors may seek to expand their targeting of military and humanitarian supply chains by pursuing destructive attacks beyond Ukraine and Poland,” said Microsoft.