UKRAINE: ReuteHackers who defaced and interrupted access to numerous Ukrainian government websites on Friday could be setting the stage for more serious cyberattacks that would disrupt the lives of ordinary Ukrainians, experts said.
“As tensions grow, we can expect more aggressive cyber activity in Ukraine and potentially elsewhere,” said John Hultquist, an intelligence analyst at U.S. cybersecurity company Mandiant, possibly including “destructive attacks that target critical infrastructure.”
“Organizations need to begin preparing,” Hultquist added. Intrusions by hackers on hospitals, power utility companies, and the financial system were until recently rare. But organized cybercriminals, many of them living in Russia, have gone after institutions aggressively in the past two years with ransomware, freezing data and computerized equipment needed to care for hospital patients.
In some cases, those extortion attacks have led to patient deaths, according to litigation, media reports and medical professionals.
Friday’s attack on Ukrainian websites included a warning to “be afraid and expect the worst”, at a time when Russia has amassed about 100,000 troops near Ukraine, raising fears in the West that it is considering an invasion. Moscow denies it wants to invade.
Russia has repeatedly rejected hacking allegations levelled by Ukraine and other countries over the years. While a suspect in the new web defacements, Russia has not been directly accused by Ukraine.
In 2014 Russian troops went into the Black Sea peninsula of Crimea and annexed it from Ukraine. If Russia invades again, more cyberattacks would occur too, predicted former CrowdStrike cybersecurity executive Dmitri Alperovitch.
They would most likely be disruptive, not fatal, Alperovitch said. “It will be a sideshow. The main show will be on the ground.”
Ukraine has already borne the brunt of some of the largest hacks on infrastructure to date.
In December 2015, a first-of-its-kind cyber attack cut the lights to 225,000 people in western Ukraine, with hackers also sabotaging power distribution equipment, complicating attempts to restore power.