DDoS attacks on Ukrainian groups were promptly traced to Russian intelligence by the UK and US governments last week.
The intrusions on February 15 and 16 were “very certain” the work of the Russian Main Intelligence Directorate, according to a National Cyber Security Centre (NCSC) message released on Friday (GRU).
a spokesperson of Foreign Office said, “The attack showed a continued disregard for Ukrainian sovereignty. This activity is yet another example of Russia’s aggressive acts against Ukraine,”.
In a news briefing the same day, US deputy national security advisor for cyber, Anne Neuberger, echoed the same thoughts. “This disruptive behavior is unacceptable. Russia must stop this activity and respect Ukrainian sovereignty. We are steadfast in our support for Ukraine in the face of Russian aggression.”
She went on to say that the attacks could be the beginning of a wider campaign timed to coincide with a military invasion of Ukraine.
she said: “The US government believes that Russian cyber-actors likely have targeted the Ukrainian government, including military and critical infrastructure networks, to collect intelligence and pre-position to conduct disruptive cyber activities,”. “These disruptive cyber-operations could be leveraged if Russia takes further military action against Ukraine.”
Russia “likes to move in the shadows,” according to Neuberger, and relies on the fact that western governments generally take their time with attribution so it can continue its destructive internet activity, including pre-positioning, undetected.
This is most likely why the decision to publicly embarrass the Kremlin was made.
This is most likely why, following the DDoS strikes last week, the decision to identify and humiliate the Kremlin was made so quickly.
According to Neuberger, the US government has been doing “intensive outreach” with critical infrastructure (CNI) providers for some months in preparation for a possible attack on its own critical infrastructure. Government institutions have gone to “extraordinary lengths” to share information with the business sector, including technical indicators of earlier Russian strikes on Ukraine’s critical infrastructure.
she said: “We advise our private sector partners to practise incident response strategies and implement cybersecurity defences like encryption and multi-factor authentication (MFA),” as rerted by infosecurity-magazine.
UK ready to launch retaliatory cyber-attacks on Russia, defence secretary tells MPs Ben Wallace Says: ‘I’m a soldier, I was always taught the best part of defence is offence,’ – pointing to new ‘offensive cyber capability’
Last March, Mr Wallace unveiled a new defence command paper, which promised a “National Cyber Force will lie at the heart of defence and GCHQ’s offensive cyber capability”.
on current crisis, he said: “It has already been established and has started to grow. I cannot comment on the operations it will undertake.”
Meanwhile NCSC-NZ Releases Advisory on Cyber Threats Related to Russia-Ukraine Tensions
The Australian Government joins the United States and the United Kingdom in publicly attributing the cyber attacks against the Ukrainian banking sector on 15 and 16 February 2022 to the Russian Main Intelligence Directorate (GRU).
The Cyber Attack Predictive Index, or CAPI, was created by Anton Dahbura, executive director of the Johns Hopkins Information Security Institute and co-director of the Johns Hopkins Institute for Assured Autonomy, and Terry Thompson, a cybersecurity and global affairs expert who is also affiliated with the Johns Hopkins School for Advanced International Studies, predicts the possibility of future cyber conflict between nations.
Following prior CISA cautions about the threats presented by Russian cyberattacks for US critical infrastructure, the US Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning about the potential of Russian cyberattacks spilling over onto US networks. In the event of sanctions and market disruptions, the European Central Bank (ECB) has warned European financial institutions of the potential of retaliatory Russian cyber-attacks.
Early cyber skirmishing has already begun, with Ukrainian government networks and banks being targeted in the last week, and vigilant U.S. businesses reporting a significant rise in cyber probing. “We have observed threat organisations that have been ascribed to the Russian government by U.S. government agencies doing reconnaissance against U.S. industrial infrastructure, including important electric and natural gas installations in recent months,” said Rob Lee, CEO of the cybersecurity firm Dragos.
The Cybersecurity and Infrastructure Security Agency (CISA) published the “Free Cybersecurity Services and Tools” webpage intended to be a one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk. The catalog published today is a starting point. Going forward, CISA will incorporate other free services into the catalog.
The initial list includes services and tools from CISA, open source community, and private and public sector organizations across the cybersecurity community including Joint Cyber Defense Collaborative (JCDC) partners.
Moscow says it has ‘nothing to do’ with the attacks, which Washington immediately pinned on Russia
The Russian embassy in the United States has stated that Moscow had “nothing to do” with the cyberattacks on Ukraine’s Defense Ministry and a number of banks. Even the White House has recognised that it laid the blame on the country with “extraordinary” haste in this case.
“We categorically reject the administration’s baseless statements and note that Russia has no involvement in the aforementioned events and, in principle, has never conducted and does not conduct any malicious operations in cyberspace,” the Russian diplomatic mission said late Saturday in a statement.
The US believes hackers working with Russian military intelligence were responsible for distributed denial-of-service (DDoS) attacks reported by Ukraine’s Defense Ministry and some of the country’s financial institutions earlier this week, according to White House Deputy National Security Advisor Anne Neuberger.
The UK is prepared to unleash cyber assaults on Russia if Moscow targets Britain’s computer networks following the invasion of Ukraine, according to the military secretary.
Ben Wallace, in a Commons address, mentioned the UK’s “offensive cyber capabilities,” which is being developed at a facility in the north west of England.
“I’m a soldier, and I’ve always been taught that the best defence is offence,” he told an MP, who urged him to “give as good as we got back to Russia” if necessary.