The Russian invasion of Ukraine is also the first cyberwar in history. That has been one of the main conclusions of the kyiv Cyber Resilience Forum, held on February 7 and 8 in the Ukrainian capital. Representatives of cybersecurity agencies from Ukraine, the United States, NATO and the European Union analyzed in this forum collaboration on defense systems for their digital networks. The meetings yielded a relevant conclusion: that the Kremlin is using its cooperation with China to carry out cyber attacks against Ukraine.
Jen Easterly, director of the US Cybersecurity and Infrastructure Agency (CISA), assured that her Government's priority is to confront Beijing's interference in her country. “China is the big threat in the long term, although we still have our focus on Russia,” Easterly explained. “When the invasion began we increased our measures in case of retaliation. And what we have seen is that Russia and China are cooperating.”
Serhii Demediuk, undersecretary of the National Security Council of Ukraine, confirmed to EL PAÍS that they have detected in their cyberspace the consequences of this collaboration between Moscow and Beijing: “We are aware of the knowledge provided by China [a Rusia], although we cannot know precisely how it is being used.” Demediuk did confirm that Chinese spy programs have been used “for attacks with destructive purposes in Ukraine.” Data hijacking programs developed by China have also been used in attacks on Ukrainian institutions.
In March 2022, just one month after the invasion began, an attack was already detected in Ukraine that leading cybersecurity analysis centers, such as SentinelOne confirmed that it used a malicious program developed by Scarab, a hacking group linked to the Chinese government. The United Kingdom's National Cyber Security Center announced in April of that year that it was investigating an alleged massive Chinese attack against 600 Ukrainian websites in the days before the invasion, including that of the Ministry of Defense.
Vice President of the European Commission Vera Jourová warned the Chinese authorities in September 2023 in the newspaper Political that they should not support Russia in the invasion: “We consider that the way in which China gets involved in Russia's war against Ukraine is a determining factor in relations with the European Union, and this includes aspects related to cybersecurity and to misinformation.”
Demediuk stated during one of his interventions that Moscow has mimicked the Chinese internet censorship systems: “Now they are testing it in their own countries, the weaknesses of the DNS protocols [los dominios que utilizan las aplicaciones y páginas de internet]”While we worry about the defense of our own countries, that is why we must strengthen international alliances.” “This morning, while we were being bombed in kyiv, we were also suffering from cyber attacks,” the deputy secretary of the National Security Council said on Wednesday, “they work with hackers from China, Iran, Belarus and North Korea. “They prove it every day.”
Join EL PAÍS to follow all the news and read without limits.
Subscribe
“There is no gray area”
“There is no longer a gray area, now the world is black and white, you are in one block or another,” says Yegor Aushev, cybersecurity expert and one of those responsible for organizing the Kiev Forum. “Any technology that China brings to Russia will be used to attack.” Aushev assures that a fundamental difference is that the contributions of NATO partners to Ukraine are for defense, not for attack.
Juhan Lepassar, director of the EU Cybersecurity Agency, announced that the new financial aid plan for the Ukrainian Government, which amounts to 50 billion euros, includes an item that will be allocated to cybersecurity programs. The US Congress and Senate are blocking the more than 55 billion euros that President Joe Biden's Administration wants to allocate in assistance to Ukraine, especially military assistance. Nathaniel Fick, Biden Government ambassador for Cyberspace and Digital Policy, told EL PAÍS that there are other ways to overcome the legislative blockade and provide US aid in the area of cybersecurity.
Fick specifically mentioned the so-called Tallinn Mechanism, an alliance that came into force last December, formed by the United States and nine other countries to quickly provide cybersecurity resources to protect civil infrastructure. “Ukraine sets the priorities and the members of the group coordinate to respond as quickly as possible,” explains Fick: if Ukraine requires, for example, priority assistance to protect satellite connections, the Tallinn Mechanism will address it in the first instance, he indicates. this senior American and military official in the reserve.
Demediuk and Ilia Vitiuk, head of the Cybersecurity Department of the Ukrainian secret services (the SSU), celebrated that the United States is accepting that what Ukraine suffers is not cybercrime but acts of war through the Internet and telecommunications networks. This is essential, they indicated, to open judicial cases in the future that prosecute them as war crimes. “The Russian invasion of Ukraine is the first modern war to incorporate a significant cyberwar component,” wrote researcher Vera Mironova in 2023 for the Atlantic Council, a center for geopolitical studies in the United States.
Vitiuk told this newspaper that the Russian missile attacks have been accompanied by simultaneous attacks against the servers of the Ukrainian organizations that are the target. This is what happened in the autumn 2022 and winter 2023 bombing campaign against the Ukrainian energy network, says this senior SSU employee. Andy Greenberg, one of the most recognized journalists in the investigation of Russian computer hacking, asserted in 2023 on his social networks that what happened during the bombings against the Ukrainian power grid is unprecedented: “The Russian Sandworm hackers [grupo vinculado a los servicios secretos del Kremlin] They attacked Ukraine's power grid three times to cause a blackout. In the last one, it coincided with a missile offensive, it is the first attack of its kind that combines physical and digital aggression.” The same thing also happened in the 2022 missile attack on kyiv's main television broadcast tower, according to Vitiuk.
The National Security Council of Ukraine defines a cyber attack as an act of war when it has a destructive purpose, is carried out by military units or financed by a State. Vitiuk completed the description by indicating that they are also acts of cyberwar if the State trains the experts who carry them out. The SSU representative conceded that legitimate attacks in a war are against military objectives, but Russia above all focuses its aggression against civilian infrastructure.
Aushev defended, citing Vitiuk, that Ukraine is hitting military data and telecommunications systems in Russia, which would be a legitimate target in war. But leading international organizations report otherwise. The Institute for Cyberpeace, based in Switzerland, in a report published last December, concluded that at least since the beginning of the invasion and until September 2023, it had recorded more than 300 cyberattacks against Russian civilian organizations, and that the main attacker is the so-called IT Army of Ukraine, a large network of hackers with support from the kyiv Government, according to this institute.
The Institute for Cyberpeace confirmed 574 attacks against Ukrainian civil organizations in the same period. The SSU claims that in the almost two years of war it has faced 10,000 major cyber attacks, with a daily average of 13 attacks.
Follow all the international information on Facebook and xor in our weekly newsletter.
Subscribe to continue reading
Read without limits
_
#Ukraine #assures #Russia #Chinese #collaboration #cyber #attacks