Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Enterprises Need To Prepare for Broader Cyberwar

cyber security
(Source: Image by Pete Linforth from Pixabay)

As the fighting in Ukraine escalates and it looks like Russia won't have the quick and easy victory it anticipated, the war is already having spill-over effects.

In the physical world, that means a flood of refugees escaping the conflict and its economic effects such as spikes in oil prices. A lot of the damage is to Russia itself, with harsh economic sanctions putting its financial system under extreme strain.

In the cyber arena, most of the damage so far has been inside Ukraine and, in retaliation, there have been some nuisance attacks against Russian targets. But that is likely to change, especially as Europe, the US, and other countries step up their sanctions against Russia.

"I fully expect there will be more cyberattacks against Ukraine, and that it will spill over," said Rahul Telang, professor of information systems at Carnegie Mellon University's Heinz College. "If the US takes steps against Russian financial interests, you cannot deny that something like that can happen."

Russia has a long history of using cyber attacks against its enemies. In 2007, Russian hackers disabled Estonia's Internet and launched Denial of Service attacks on government offices and financial institutions – all because the country wanted to move a World War II memorial.

The following year, Russia attacked the Internet in Georgia, a former Soviet republic. The attack was timed to correspond with a physical invasion by Russian troops.

In 2009, Russian attackers took down Internet service providers in Kyrgyzstan in order to pressure the country to evict a US military base.

In 2014, cyber attacks briefly took down the country's election system. Soon after, when Russia seized Crimea, a massive denial of service attack took down the Ukrainian internet.

The following year, Russia expanded the targeting of these attacks. First, there was the hack of the Democratic party computers, as well as attacks on government computers in Germany and the Netherlands.

The most globally damaging attack was NotPetya. It started with malware planted in a software update for an accounting system popular in Ukraine – a similar tactic to the one that Russia used with SolarWinds in 2020.

But the NotPetya malware wasn't just a backdoor, like the SolarWinds hack, but a self-propagating worm that spread quickly beyond the country’s borders.

At first, NotPetya was mistaken for ransomware, similar to the North Korean worm WannaCry. But rather than encrypting files and making people pay ransom to get them back, NotPetya simply destroyed them. It did an estimated $10 billion worth of damage, including more than $1.4 billion to pharmaceutical giant Merck, $300 million to shipping conglomerate Maersk, and $100 million to Mondelez International, the company that makes Oreos and Triscuits.

Read the rest of this article on Data Center Knowledge.