January 19th, 2022
What Happened This Weekend?
The year only just began, and of course, a pandemic wasn’t enough. On Saturday January 15th, 2022, a destructive cyberattack in Ukraine began to rapidly garner national attention (1). The Microsoft Threat Intelligence Center (MSTIC) warned that they had identified destructive malware on computer systems at several Ukrainian government agencies, non-profit organizations, and technology organizations, according to a statement issued by the company (2). Many victim systems of this cyberattack belong to agencies and organizations that work closely with the Ukrainian government to provide critical executive branch and emergency response functions (1, 3). Although the Microsoft warning was only issued on Saturday evening, the destructive malware, capable of wiping data, first appeared on victim systems in Ukraine on Thursday, January 17th, 2022 (3,4). Further details about the malware were made public in a blog post by the tech giant. According to security specialists at the company, identification of the malware on Thursday, January 17th, coincided with a global cybersecurity attack on the nights of January 13th and 14th, 2022 (2).
These attacks targeted Ukrainian government websites, including those belonging to the Ministry of Foreign Affairs and the Ministry of Education (1,3). Furthermore, the company reported that the malware was deceptively designed to resemble ransomware, however, was lacking a ransom recovery mechanism (2). Microsoft further emphasized their belief that the intent of the malware was to ensure that targeted devices became inoperable and destroy data at the hackers’ command (2). In addition to comments issued by Microsoft regarding the attack, the Ukrainian government has also announced that it has gathered evidence suggesting Russian involvement in the cyberattack (3). Ukraine’s Ministry of Digital Development even blatantly remarked that all evidence indicates Russian involvement in the cyberattack (3).
Despite lengthy statements made by both Microsoft and the Ukrainian government, one question still evades us and that is: who is really behind the attack? Microsoft has thus far, been unable to provide a definitive answer, aside from informing the international community that they have commenced their investigation into the origin of the attacks. Contrastingly, Ukrainian officials have not wasted any time in making their suspicions evident (3). According to Reuters, Ukraine initially suggested that a hacking group associated with Belarus was responsible for the hacks, due to similarities observed in the malware used for this attack and previous cyberattacks (4). Simultaneously however, Ukraine suggested that Russian involvement is undeniable, and that “all evidence indicates that Russia is behind the cyberattack. (1)” Where’s the evidence you ask? To that, Ukraine has no response.
Digging Deeper
This past weekend of cyberattacks is not a recent phenomenon. Instead, cyberattacks have been a defining characteristic of the tension between the two countries since the collapse of the Soviet Union (3). Shortly after the Soviet Union dissolved, both countries began using cyberattacks as weapons to further their confrontation (3). Experts are now using the term “cyber war” to describe similar computer-driven conflicts across the globe (5). In response to the events that transpired on Saturday, Bart Groothius, a member of the European Parliament said, “Cyber warfare doesn’t exist, it’s nonsense. (5)” Is he right, or is he simply refusing to accept that war as we understand it, is changing?
Let’s explore some more and then revisit his statement…
The Emergence of a New Weapon
The sophistication of cyberattacks has evolved steadily over the last three decades and more recently, they have become a staple in all things criminal. They are increasingly being used as a means of perpetrating extreme violence, aggression, and even death. As political tensions have heightened across the globe since the early 2000s, cyberattacks have become the preferred means of various extremist groups, terror organizations, and other malevolent actors for perpetrating war, and inciting violence. The cyberattack in Ukraine is just one of many similar attacks that have occurred and is far from being the biggest attack to have occurred recently. Remember when we naively believed that the pandemic would be our biggest obstacle in 2021? Well, 2021 also witnessed some of the biggest cyberattacks in recent years, with millions being impacted (6). There was the Colonial Pipeline Attack, the Twitch Data Dump, the JBS Foods Hack, and the infamous CAN hack, that resulted in the data-captors being paid an astounding $40 million (6). These attacks only transpired in 2021, but lest we forget, the Stuxnet Worm Ransomware attack in 2010, which remains one of the most powerful ransomware attacks in history (6). If you remember 2010, then you must recall 2015, when hackers supported by the Chinese government breached the computer system of the Office of Personnel Management and leaked information of over 22 million federal employees (6).
The lesson here?
Cyberattacks will only become more destructive and nefarious with time. Things are only just beginning…
The Modern Battlefield
Going forward, we must be vigilant and above all, remember not to underestimate these attacks simply because they are not physical. We are not living in an era in which war requires bloody battlefields, rifles, aircrafts, submarines, and other physical weapons. Instead, we are living in a world driven by technology, which can be used for as much violence, as it is used for impacting positive change and progress. Although the incident in Ukraine over the weekend was severe and must not be overlooked, we can anticipate many more attacks of a similar severity or otherwise, in the near future. The world is currently working towards refining and fully exploiting the power of quantum computing, autonomous machines, artificial intelligence, and cloud computing, all of which will no doubt play a significant role in cyber conflict (7,8). As our understanding of these technologies increases, it is inevitable that some will use these technologies for evil. Either way, we all need to understand and accept that cyberattacks are the future of war. Suit up, because we have never seen anything like this before.
References
1. https://www.nytimes.com/2022/01/16/us/politics/microsoft-ukraine-cyberattack.html
2.https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/
3. https://www.cnn.com/2022/01/16/europe/ukraine-malware-microsoft-warning-intl/index.html https://www.reuters.com/world/europe/microsoft-says-it-observed-destructive-malware-systems-belonging-several-ukraine-2022-01-16/
4. https://www.politico.eu/article/cyber-security-russia-ukraine-nato-europe/
5. https://ca.finance.yahoo.com/news/biggest-cyber-hacks-2021-105645115.html#:~:text=1.,largest%20oil%20and%20gas%20companies.
6. https://cove.army.gov.au/article/the-future-cyber-conflict
7. https://www.honeywell.com/us/en/news/2020/10/the-future-of-cybersecurity
8. https://www.politico.eu/article/cyber-security-russia-ukraine-nato-europe/
9. https://www.kcl.ac.uk/news/will-the-next-war-be-a-cyberwar
Hope you enjoyed this post! Feel free to comment below!
Firstly, I would just like to say your post was very well written and it was quite informative. As you already mentioned we are living in a world where we are surrounded by electronic devices. All evidence of mechanical devices have been wiped off the face of the earth. Since times are changing and technology is getting more advanced and complex we are entering a new era. Some people might see the human race advancing to the next level but they forget the drawback these new tech savvy devices bring. I won’t go in detail about the new form of war i.e cyber warfare because the blog mentions great detail about it, but I would say that companies, governments and even individuals should be extra cautious in these changing times in order to prevent above mentioned attacks from happening again.
Thank you! I like your take on this. Although we are embracing technology at an unprecedented rate, it doesn’t necessarily mean that technology is a means to end with regards to war and conflict. If anything, conflict will continue if technology is used to perpetrate war.
You have a very interesting post here. It’s difficult to accept that conflict like this still goes on and has the chance of reoccurring in the future. I wonder to what extent the damage might arise before regular citizens start taking note and understand how detrimental things can get!
In today’s world technology has been increasing at a rapid rate and for every day-to-day activities we use technology and due to this we even use technology to fight with other countries, governments and in fact we also use it to access other people’s data which is highly unethical. Technology may have impacted us in a good way but there are people who would misuse it and try to have fights with other countries like as you mentioned the example of Ukraine and Russia. In a physical fight you are injured and you heal overtime. but this technological violence is something new and it cannot be healed once the damage is done its done, you will not progress since your enemy would have all the information about yourself and you won’t be able to grow positively and they would always have control over you and this is scary and considering that this is the new world, there’s no hope left for the humans.
Great Post!
This was really interesting post! It seems that as the volume cyberattacks escalates, cybersecurity is now on the radar of most companies. I believe that each organization should reduce the vulnerability by ensuring all operating systems, security software, applications, and tools are up-to-date and keeping track of evolving risks and continually improving their cybersecurity response as new threats emerge. I guess developing a response plan that includes backing up IT systems and data to prevent a disruption in operations will guarantee securing an organization against cyberattacks.