Russia’s cyberattacks against Ukrainian civilian and critical infrastructure has shown what it looks like when cyberattacks are part of warfare. What remains to be seen is whether the world will treat them as war crimes.
“For too long, the world has been considering cyber terrorism as something unrealistic, too sci-fi-ish, and cyber weapons as not posing any serious threat,” says Victor Zhora, deputy chairman and chief digital transformation at the State Service of Special Communication and Information Protection of Ukraine (SSSCIP). “Russia’s war against Ukraine has proven such thinking wrong.”
According to SSSCIP research and military experts, the war is a hybrid one, with “clear correlations between cyberattacks, kinetic and information attacks,” Zhora says. For example, the energy sector has been targeted by both cyberattacks and missile attacks since the start of the invasion.
Public authorities and local governments, which “operate for civilians’ benefit and are vital for the country,” are the most targeted, Zhora says. The CERT-UA (Computer Emergency Response Team of Ukraine) last year manually processed 2,194 incidents, with only 308 specifically aimed at the security and defense sector. The situation has remained similar this year — between January and April, CERT-UA handled 701 incidents, with only 39 of them directed at the security and defense sector.
It’s not just critical infrastructure that is under attack. Zhora says the Russians have also deployed massive campaigns aimed at harvesting Ukrainian citizens’ personal data, but that the purpose of those activities remains unclear to him.