Russian-backed hackers, both on the ground and in cyberspace, have failed to meet their strategic goals for 2022 and are now turning to cyber espionage.
This describes the strategic shift from destructive attacks to cyber espionage, according to Victor Zora, Vice Chairman and Chief Digital Transformation Officer of the State Special Service for Communications and Information Protection of Ukraine (SSSCIP). Information security.
“We understand that cyber espionage operations operate in a quiet, covert mode and that their persistence within networks can last for months or even years. Wiping everything inside with a After the incident, you lose all access to the targeted system,” Zora said. Information security.
The ability to sit quietly within a network and obtain new information and have continuous access may ultimately prove more valuable to attackers. This is the case when an organization does not have sufficient oversight or qualified staff to do so, Zhora said.
read more: Google Report Reveals Russia’s Sophisticated Cyber Strategy in Ukraine
“Every operation starts with the initial access, which is basically why every attacking unit is looking for vulnerabilities and other ways to get into networks, including social engineering,” explained Zhora. To do. “The decision that follows is what to do next: lateral movement propagates within the network, asks for credentials, gains privileges, and broader capabilities to harm resources. is to have
fight the enemy
In a presentation given at Logpoint’s ThinkIn conference in Copenhagen on March 7, 2023, Zhora explained that in 2022 Russian hackers are following a common combat strategy of concentrating on civilian targets. .
By mid-2022, target types have shifted from mass media and telecommunications to civilian power systems.
However, Russia has had a gross failure of significantly disrupting Ukraine’s infrastructure through its cyber activities.
In Ukraine’s fight against Russia’s cyberwarfare, intelligence cooperation is critical, and SSSCIP’s industry partners include Google, Microsoft, Amazon, Mandiant, ESET, Cisco, and Logpoint.
Ukraine has an important cyber defense, many of which are provided by partners, but now all aspects need to be scaled up.
Cyber war continues
The overall impact of Russian cyber operations is much lower than dynamic operations, which can also be pointed to as an explanation for the shift away from destructive cyber attacks.
“Their hopes of quickly conquering Ukraine were mistaken, and perhaps the Russians understand that this war could last another year or more.
Zhora believes that kinetic warfare may end this year, or 2024 at the latest, activity may decline, but cyber conflicts are unlikely to end entirely.
“We can be more effective and our adversaries may be less active, but I don’t think cyber challenges and cyber threats will go away in a great day,” Zora said.
Ukraine is currently experiencing up to 10 major cyber incidents per day, with hackers targeting 2,194 Ukrainian entities in 2022.
