Online security

As Russia invades Ukraine, threat of cyber escalation looms

Governance and Risk Management , Government , Industry specific

White House denounces Putin’s decision to introduce ‘peacekeeping force’ in Donetsk and Luhansk

Mathew J. Schwartz (euroinfosec) •
February 22, 2022

Ukrainian President Volodymyr Zelenskyy denounced the Russian incursion, saying it was “a violation of the sovereignty and territorial integrity of our state”.

Russian troops entered Ukraine. But it’s unclear whether that military incursion alone will trigger strong sanctions from the United States and NATO allies, or be bolstered by cyberattacks that target Ukraine or its allies.

See also: Live chat today | Improve your data security posture to speed up ransomware recoveries

Ukrainian President Volodymyr Zelenskyy denounced the measures taken by the Russian Federation, saying it was “a violation of the sovereignty and territorial integrity of our state”.

Russian President Vladimir Putin announced the decision in a lengthy speech on Monday. He called Russia’s decision to involve “peacekeeping forces” aimed at supporting two breakaway Moscow-backed regions in Ukraine – Donetsk and Lugansk – which are part of the country’s eastern region known as Donbass.

In response, President Joe Biden “strongly condemned President Putin’s decision to recognize the so-called People’s Republics of Donetsk and Luhansk,” and the administration “will continue to consult with our allies and partners on diplomatic solutions and implications.” that we will impose on Russia”. should he invade Ukraine further,” a senior White House official said at a Monday press briefing, speaking on condition of anonymity.

Britain, France and Germany have also agreed to respond to Russia’s move with sanctions, and the White House will announce additional measures on Tuesday, Reuters reports.

The White House official said Putin’s specific attempt to label the invasion a peacekeeping mission was also anticipated by the Biden administration (see: Cybersecurity preparedness advised as Russian threats loom).

In response, Biden issued an executive order on Monday “that will prohibit new investment, trade and financing by American persons to, from, or within the so-called DNR and LNR regions,” the official said. “This EO will also give the power to impose sanctions on anyone determined to operate in these areas of Ukraine.”

Biden spoke with Zelenskyy, as well as French President Emmanuel Macron, on Monday evening.

Putin announced his decision to move forces to Donetsk and Luhansk on Monday in a lengthy speech filled with a long list of historic grievances. “Let me emphasize once again that Ukraine for us is not just a neighboring country,” Putin said. “It is an integral part of our own history, culture, spiritual space. They are our comrades, our relatives, among whom are not only colleagues, friends, former colleagues, but also relatives, people related to us by blood, family ties.”

Adding to the confusion, on Tuesday Russia said it recognized the independence of not just the Donetsk and Lugansk regions, but beyond, the Associated Press reports.

White House: Russia already occupies regions

Provided Russian forces do not advance beyond Donetsk and Luhansk, Moscow’s moves may not be enough to trigger strong sanctions, given that Russia is already occupying those areas, at least on the sly, a said the White House official.

“I want to step back here and point out something that can be lost on people who have not paid attention to this conflict for most of the past eight years, which is that Russia has occupied these areas since 2014,” he said. said the manager. noted. “It is Russia’s position that there are no Russian forces present in this part of Donbass. … They are apparently making the decision to do it in a more open and open region and a big part of why she’s been so unstable since 2014.”

Senate Foreign Relations Committee Chairman Sen. Bob Menendez (D-NJ) called on Russian forces to make no further progress. “To be clear, if additional Russian troops or proxy forces enter Donbass, the Biden administration and our European allies must not hesitate to impose crushing sanctions. There must be tangible, significant and substantial costs for Russia in response to this unwarranted act,” he said.

“Despite repeated efforts to open the door to diplomacy, Vladimir Putin has chosen the path of conflict,” he added. “Using Ukraine as a battleground to wield Kremlin influence only deepens our resolve to stand with the Ukrainian people so they can finally live in peace, determine their own future, and live in freedom. “

Addressing the British House of Commons on Monday, Defense Secretary Ben Wallace noted that an invasion seemed imminent, given the mass of ground forces.

“We should have no illusions,” he said. “Russian forces have now massed on Ukraine’s borders 65% of all their ground combat power. The present formations and Russian state action to date not only threaten the integrity of a sovereign state, but undermine international law and the democratic values ​​that all of us in Europe so strongly believe in.”

Wallace promised Britain’s help to defend Ukraine. “We have made clear our determination to maintain NATO’s defensive principles and to defend the right of sovereign countries to make choices regarding their own security arrangements,” he said. “The Ministry of Defense will continue to monitor Russian actions, support Ukrainian defensive efforts and contribute to NATO response measures.”

Threat of cyberattack

Ukraine remained on high alert not only due to the massive Russian forces on its border, but also the threat posed by cyberattacks. Russia has never been shy about launching disruptive attacks, including attacks on its power grid in 2015 and 2016.

In 2017, the destructive malware attack NotPetya Wiper was launched via Ukraine’s leading tax software vendor, wreaking havoc around the world. The CIA attributed the attack to the Russian military intelligence unit GRU

Since last December, security experts have reported that they have been tracking an increase in cyberattacks targeting Ukraine, apparently from Russia (see: Cyber ​​activity increases as Russia masses on Ukrainian border).

The White House says Russia has waged disinformation campaigns aimed at undermining the legitimacy of President Zelenskyy.

Last month, several Ukrainian government sites were defaced and some erasing malware was also used to target government systems (see: Ukraine Malware Wiper Linked to Summer 2021 Intrusions).

In response, Western cybersecurity agencies have warned all organizations to review their business resilience readiness, in case cyberattacks on Ukraine begin to cause collateral damage (see: Cyberattack spillovers from Ukraine: be prepared, UK warns).

Report: Ukrainian domains may be disrupted

Ukraine’s computer emergency response team, CERT-UA, issued an alert on Monday warning that sites hosted in Ukraine’s top-level domain – .ua – could be targeted for disruption.

The alert was based on a post on the RaidForums cybercrime forum, which has since been deleted. “The report referred to renting servers to prepare for new attacks on public sector, banking and defense sector websites,” CERT-UA said. “According to this message, the attacks would target web resources hosted in .ua domains.”

CERT-UA urged anyone who sees “signs of cyberattacks or abnormal actions in your information systems” to report it immediately to the government.

Stay tuned for updates on this breaking story.