The full-scale invasion of Ukraine was beyond most expectations. Many of us watching the developments felt that Russia would take the easy gains of the eastern separatist region of Ukraine and slowly eat away at the rest of a sovereign nation over the coming years. The brutal and relentless approach Russia is taking instead shows the broad and global power grab taking place.
The Ukraine military is and will continue to put forth a strong fight against an opponent with overwhelming resources. Cyber-attacks including distributed Denial of Service (DDoS) that hit the Ukrainian defense and banking sectors will be launched as often as actual bombs in this war. The lack of widespread reporting of cyber attacks does not mean they aren’t happening. Much like a cancer, cyber is mostly invisible and once the attack is public or the effects seen, it is too late.
Unlike a cancer, this war and associate damage will not stay within the borders of Ukraine. On the digital battlefield, the intensive attacks and methods Russia and Russian-sponsored hacker groups (like Sandworm) use to weaken Ukraine are indiscriminate. These sophisticated attacks automatically and autonomously search out and infect other systems that can be compromised. Once these “worms” are launched, no human has control over where and when these virus’ attack or how far they will reach. Two public and destructive instances have already been used by Russia.
First, in conjunction with the start of the Ukraine invasion, satellite internet provider Viasat (a U.S. company) had a large outage of its service due to a cyber attack. This affected Ukraine but also tens of thousands of subscribers across EU and NATO countries. More importantly, 5300 wind turbines were knocked offline in Germany and Central Europe. Clearly attributed to Russia, these are examples of the widespread collateral damage of modern cyber warfare.
Second, last Wednesday the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that an older threat called “Cyclops Blink” was reactivated and may be able to access more networking devices that originally thought when it was discovered in 2019. Russian-backed hacking groups used similar approaches to deploy malware like WannaCry and NotPetya, which each inflicted worldwide damage costing billions of dollars.
So now, if we consider that these cyber attacks have been as destructive as bombs or guns, Central and Western Europe and a U.S. company have already been attacked and every internet connected country is vulnerable to the cyber battle in Ukraine. Vladimir Putin has declared that a “no-fly zone” or direct military support to Ukraine would be considered an act of war. What do we call a cyber attack that takes out major electricity providers in Germany? Does that not equate to an already launched act of war? The US and our allies need to revisit the rules of what is considered an “act of war” and increase the accountability of any nation that threatens national sovereignty in any domain: land, sea, air, space, and cyberspace. Bring together a coalition to rewrite the rules of engagement for cyber, bring the commercial community (with their experts and skilled Threat Centers) to the table as partners in this effort and as fellow combatants in this war.
Today, we need to continue the pressure and increase support to defeat the Ukraine invasion on both the physical and cyber battlefield. A fallen Ukraine changes the physical security of Europe. Even worse, a fallen Ukraine tells Russia, and others, that there is no consequence for cyber damage, collateral or otherwise. If that is the case, NATO nations should prepare themselves to be the next targets.
___________________________________________________________________________________
Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare.
Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.
Contact us to see how we can work together.
