Russian cyberattacks are struggling to impact Ukraine’s networks The destructive “wiper” malware seen in Ukraine. (Dreamstime/TNS)
Russian cyberattacks have so far struggled to successfully target Ukraine’s critical national infrastructure, according to government officials.
While they are aware of Russian intent to disrupt or infiltrate Ukrainian systems, according to the officials, they have continued to function and Ukraine has mounted a strong defense.
Many denial-of-service attacks targeting Ukraine are of low sophistication and impact, the people said, who asked not to be identified discussing private information. The country’s experience fending off major cyberattacks since 2015 may have helped prepare it for recent attempts, they added.
The destructive “wiper” malware seen in Ukraine is more insidious and the officials said they are on alert for it appearing outside the country. In the hours prior to Russia’s invasion, some Ukrainian government agencies were targeted with the software, which deleted data held on infected computers.
More aggressive network take-downs or attacks may not fit with Russian objectives, they added, and Russia could even be leaving the broadband network active for its own means to gather intelligence.
More than 400,000 people have volunteered to help the Ukrainian government, using digital means to disrupt Russian government and military targets, according to a Ukrainian cybersecurity official.
Although cyberattacks within Ukraine have had mixed success, there have been significant attacks on other targets. U.S., French and Ukrainian intelligence agencies are investigating an apparent cyberattack against ViaSat Inc., according to a report from Reuters.
The U.K. is now also investigating the attack, according to people familiar with the situation.
A spokesperson for the U.S. National Security Agency said, “NSA is aware of reports of a potential cyberattack that disconnected thousands of very small aperture terminals (VSATs) that receive data to and from a satellite network. We continue to work with interagency partners and allies to assess the scope and severity of the incident.”
A European official told Bloomberg that the interruption was likely a cyberattack and that agencies were investigating to determine any potential attribution.
It’s one of the highest profile cyber incidents seen during the Russian invasion of Ukraine, and could be “spillover” from the conflict, said the officials, who asked not to be named discussing confidential matters.
It is not known whether the hack is attributed to Russian activity.
ViaSat previously said they believed a partial network outage affecting customers in Ukraine was “caused by a cyber event.” Representatives for the California-based company didn’t immediately respond to a request for comment outside of ordinary business hours.
French internet provider Nordnet also said that the incident had disrupted some of its services.
The U.S. Department of Homeland Security and FBI issued a warning Thursday urging organizations to lower their threshold for reporting malicious cyber activity potentially affecting satellite networks.
___
© 2022 Bloomberg L.P Distributed by Tribune Content Agency, LLC