Did you know that, just by being activated remotely, a computer virus has the ability to erase all the data on your computer, cell phone or other technological equipment to the point of rendering it totally unusable? This is precisely what a Wiper does, one of the most destructive malware currently in existence and which, precisely, has wreaked havoc in the war between Russia and Ukraine.
Although the bombings and the deployment of troops and military weapons have shocked the entire world with images and videos through social networks, cyber attacks they are also in the eye of the storm due to evidence demonstrating their devastating power. War has ceased to be purely physical to also move to the digital world with a series of maneuvers and programs that disable or damage government and financial services and platforms, harming both the Government and the Armed Forces as well as ordinary citizens.
There is a wide variety of threats in cyberspace and the digital realm, but, What are the deadliest that have made an appearance at this event to date?
No culprits are pointed out
One detail to highlight before mentioning the most prominent cyberattacks in this war is that, despite the fact that the background may be a clear indicator of which agent could be behind these maneuvers, the authorship cannot be attributed to one side because deployment is not necessarily done from servers located in their territories. There may be clues but these could not be substantiated as conclusive evidence to blame someone in particular.
“So far, it has not been possible to attribute the cyberattacks to one or another actor. In reality, these have been presented in Ukrainian territory and institutions of that country, but it has not been possible to verify or indicate who the perpetrator was “indicated Miguel Angel Mendozasecurity researcher ESET Latin America to Trade.
Since the tension between Russia and Ukraine began to rise in early 2022, the cyber attacks they played a fundamental role in generating concern and lack of control in these nations. Emblematic is the case of WhisperGate which was recorded in mid-January. East malware affected about 70 government websites in Ukraine and caused various technological equipment to become inoperable by destroying important data in its storage.
Mendoza reported that this type of malicious software belongs to a family called wiperwhich are considered the most harmful for any technological equipment since it does not hijack information to ask for a reward in return, but completely deletes files and, depending on which ones are affected, can render the device totally useless.
“This is not new. In fact, in June 2017, Ukraine was also affected by malware of this nature which was called NotPetya since it was posing as ransomware Petyabut in reality it erased the information, operating as a wiper”mentioned the specialist.
However, WhisperGate it was not the only such virus involved in the conflict. On February 23, it was reported that a malware known as HermeticWiper had been activated on multiple computers and other technological equipment of the Ukrainian Government This malicious software it wiped out the data on the computers and left them completely out of service, needing to be remounted to function normally.
“This malicious code affected hundreds of computers in Ukraine by making malicious use of legitimate drivers, which are used for hard disk management. That is, he used a legitimate tool to corrupt the data of the systems that were affected”Mendoza explained, also emphasizing that he does not know for sure when these devices were infected since it was recorded that the date of creation of this variant of wiper is he December 28, 2021an indication that the cyberattack would have been planned since then.
“On how it came to infect computers, we are not sure of all the attacks, but in at least one of them, the attackers had access to the victim’s network before being able to release the malicious code. This means that, previously, they compromised the security of the organization and, later, executed the malware”mentioned the expert.
Denial of service (DDoS) attacks
Of course, there were also DDoS attacks. These consist of overloading the servers of a website or digital platform using bots or other methods that generate millions of access requests in the shortest possible time. Thus, not being able to support so many requests, the services fall without the possibility that they can be used.
Prior to the start of the war and so far, there have been dozens of these attacks whose main objective was to saturate the websites of ministries and other entities related to the Governments of Ukraine and Russia, with the involvement of the group of hackers Anonymous after declaring a “cyber war” on Vladimir Putinas well as to banking services to generate commotion among the population.
One of the latest cases involves malware FoxBladewhich was discovered by Microsoft a few hours after the invasion of Ukraine. Brad Smith, president of the technology firm, stated that this virus has the ability to erase all data on a computer network, making it malicious software just as deadly as its other “relatives” in the family wiper.
“Several hours before the missile launch or tank movement on February 24, the Microsoft Threat Intelligence Center (MSTIC) detected a new round of offensive and destructive cyberattacks directed against the digital infrastructure of Ukraine. We immediately notified the Ukrainian government of the situation, including our identification of the use of a new package of malware (what we call FoxBlade), and we provide technical advice on the steps to follow to avoid the success of the malware”Smith said in an official statement from microsoftalso stating that the company will support Ukraine deal with these technological threats.
Technology at the service of war
Although technological advances are extremely useful to humanity and have made it possible to do impressive things that were previously unthinkable, they have also created new concerns for governments and the population when they are used for these types of purposes. Regarding how cyber attacks could evolve throughout this armed conflict and based on background information, Mendoza indicated that The most worrying thing is that they will affect basic services for the subsistence of citizens.
“For example, blackouts in Ukrainetowards the end of 2015, which were related to a Trojan called BlackEnergy, a destructive malware with a component or different modules that were capable of shutting down critical systems. Let us also remember the 2016 attacks against the electricity network of Ukraine, which left a section of Kiev without power for about an hour . This case was related to a cyberattack, where the malware known as ‘Industroyer’which was mainly aimed at industrial control systems”mentions the researcher.
However, the intimidating thing about cyber warfare is that, since cyberspace is free, anyone with sufficient knowledge and ability can get involved without the need to comply with orders from any side, for their own interests or with the simple intention of causing more chaos. in such a complicated situation. Something we have already witnessed with anonymous and his legions of hackers attacking Russia in the middle of the war
“Cyberspace can become a battlefield as these groups continue to affect each other, and as different groups of sympathizers, with one side or another, begin to get involved in the conflict. So, it is very likely that cyberspace will also become a battlefield, added to what is already being observed in other areas “Mendoza sentenced.
The technology industry against Russia
Since Russia began his military incursion to Ukrainethe sanctions that both international organizations and other countries have imposed have not stopped and are increasing over time as a measure to stop the war between the two nations.
In the world of technology, companies of the stature of Google, Meta (Facebook), Snapchat, SpaceX and Apple – to name a few – have decided on all kinds of new policies and strategies so that Russia backing down from his military crusade, supporting Ukraine and rejecting the actions of Vladimir Putin and his management.
The situation has escalated to such an extent that Mykhailo Fedorovdeputy prime minister of Ukrainerequested the Internet Corporation for Assigned Names and Numbers (ICANN) to Russia be disconnected from the Global Internet as a result of the invasion of Ukraine.
Nevertheless, Russia doesn’t seem to want to back down. Serguei Lavrov, Russian Foreign Minister, threatened that Joe Biden, President of the United States, knows that “the only alternative to sanctions against Russia is World War III and that would be a devastating nuclear war.”