Gisec 2022 Cyber attacks on Ukraine are intensifying, experts say Security experts suggest current events could signal beginning of a cyber war The opening day of Gisec 2022 at the World Trade Centre
Hackers are allegedly aiming at Ukraine’s infrastructure, private companies and non-profit organisations as
part of a hybrid war on the country, which involves online attacks.
Experts at the Gulf Information Security Expo and Conference (Gisec), which runs until March 23 at the Dubai World
Trade Centre, described to The National the different types of digital attacks that Ukraine is facing.
“What we are starting to see in Ukraine is really the first step towards a hybrid type of war, where cyber is a
key component of what's going on,” said Camille Charaudeau, vice president of product strategy of a French
digital risk protection company CybelAngel.
Reports suggest Russia had launched hacking operations against Ukraine even before it invaded the country on February
24, but people working in the cyber security field have said the attacks are intensifying.
“Usually it starts with cyber and then goes deep into more traditional types of war. Ukraine is really an
example of what many were anticipating in that area,” said Mr Charaudeau. Delegates at Gisec, which runs until
March 23 at the Dubai World Trade Centre. Antonie Robertson/The National
A week before the invasion, at least 10 Ukrainian websites stopped working because of distributed denial-of-service
attacks, including those of the Defence Ministry, Foreign Ministry, Culture Ministry and Ukraine’s two largest
state banks.
Customers at Privatbank and Sberbank reported problems with online payments and banking apps.
And several hours before the invasion, Microsoft had detected a new round of offensive and destructive cyber attacks
aimed at Ukraine’s digital infrastructure.
"We remain especially concerned about recent cyber attacks on Ukrainian civilian digital targets, including the
financial sector, agriculture sector, emergency response services, humanitarian aid efforts, and energy sector
organisations and enterprises," Microsoft said in a blog at the time.
"We have also advised the Ukrainian government about recent cyber efforts to steal a wide range of data, including
health, insurance, and transportation-related personally identifiable information (PII), as well as other government
data sets."
Russia has also been targeted by cyber attacks since the conflict began. On February 25, online hacking group
Anonymous declared on Twitter that it was officially in a cyber war against the Russian government. Multiple Russian
government databases have since been erased or replaced with pro-Ukrainian text.
The group's news account also tweeted footage showing that they had hacked into Russian streaming services Wink and
Ivi, plus live TV channels Russia 24, Channel One, Moscow 24 to broadcast war footage from Ukraine.
Hackers continued to aim at Ukrainian military institutions, manufacturers and several other Ukrainian government
agencies days after the invasion.
Mr Charaudeau said private and non-profit organisations are also being attacked, even global companies with a
presence in the country were at risk.
CybelAngel is one of many cybersecurity companies that has been offering intelligence and defensive assistance to
Ukrainian companies, including those in the healthcare, finance, oil and gas and retail sectors.
“What we see in Ukraine is that there are a lot of assets that are exposed, which means there may be
confidential credentials and mentions of their projects that are exposed and accessible.
“As soon as we detect this, we proactively contact these organisations and let them know how that could be used
againstthem during a type of cyber war.”
Exhibitors gather on the opening day of Gisec 2022 at the World Trade Center in Dubai.
He said cyber criminals could prompt competitive espionage by leaking industrial or economic intelligence from a
company.
Ransomware is another possibility, where an attacker blocks an organisation from their own data and asks for money in
exchange for its return.
Jason Steer, chief information security officer at Recorded Future, an American intelligence company, said that
attacking a country’s infrastructure is well-known a strategy in cyber war.
“The types of systems you’d want to compromise would be telecommunications, “These [voice and
internet communication] are the two biggest because they are trying to identify location of systems and devices and
that becomes really powerful.
“Because of Internet of Things, everything works on the internet… the whole disruption just to the
entire banking and healthcare system, no one can go online, then all of a sudden, the country goes down very
quickly.”
After most of Ukraine lost internet access, billionaire Elon Musk opened up his Starlink satellite internet network
to the country.
However, the SpaceX founder warned users that the broadband service could be aimed at.
"Important warning: Starlink is the only non-Russian communications system still working in some parts of Ukraine, so
probability of being targeted is high. Please use with caution," he tweeted.
He also asked users to "turn on Starlink only when needed and place antenna away as far away from people as possible"
and "place light camouflage over antenna to avoid visual detection.