Ukrainian war, cyberattacks new ground for international confrontation

Kiev calls for volunteers to defend the country's critical infrastructure and spy on Russian moves. Meanwhile, the Kremlin and the upper house of the Moscow parliament come under attack. The White House prepares the counter-strategy. Baldoni auditioning at Copasir next week 25 Feb 2022 Antonello Salerno

The war between Russia and Ukraine is not only fought on the ground, but also in cyberspace. And it involves a larger number of states and organizations that want to play a role in the dispute. On a national level, the latest news concerns the alarm launched yesterday by the Italian Cybersecurity Agency, which highlighted the need to raise the defenses to prevent and counter potential attacks, and yesterday's extraordinary Copasir meeting, with the hearing of the prefect Franco Gabrielli, delegated authority for the security of the Republic. In his report Gabrielli also illustrated the repercussions on national security of the current crisis, "with particular reference - explains a note - to the theme of energy supply, cyber security, the effects on migratory flows and the impact on the international scenario" . Copasir president Adolfo Urso also announced that Roberto Baldoni, president of the Italian Cybersecurity Agency, is scheduled to hear the committee next week. Index of topics The United States and the cyber warfare option However, the cyber attack card is not exclusively a prerogative of Anonymous. According to what was reported by the US television network Nbc News, cyberattacks are also one of the possible cards to weaken Russia in its military campaign against Ukraine. In the past few hours, the tenant of the White House has been presented with a range of hypotheses to launch cyberattacks "on a scale never contemplated before" against Moscow, developed by US intelligence and cyber military experts. According to reports from Nbc, which cites sources aware of the dossier, among the possibilities in the field there would also be that of interrupting Internet connections in Russia, the interruption of electricity or the tampering of railway exchanges

The first cyber attacks hit Meanwhile, news leaked from Russia about the first cyber attacks that are already hitting Moscow institutions, with offensives that have targeted the websites of the upper house of Parliament and the Kremlin. The news comes from parliamentary sources in Moscow, cited by the Ria Novosti news agency: "The cyberattacks have hit not only the Federation Council site, but also the presidency site," explains the agency. The White House prepares defenses against Moscow's cyber counter-offensive But in addition to thinking about attacking Russia to weaken its military action, the United States is also equipping its defenses against a possible counter-offensive by Moscow in terms of cyber attacks and online disinformation. The coordination of activities, according to CNN, has been entrusted to the Washington Department of Internal Security, which has set up a group to monitor Russian activity and to coordinate all federal agencies involved. The team will be led by Executive Director of Cybersecurity and Infrastructure Security Agency, Brandon Wales. "Although at the moment there are no specific threats to the country - reads an agency ntoa - the DHS is taking appropriate measures to ensure that federal efforts are coordinated in case of need" Ukraine is rallying hackers to organize cyber defenses According to reports from Reuters in the last few hours, the Ukrainian government is also committed to organizing defenses against Russian aggression on a cyber level, and is looking for specialized volunteers who can make themselves available to protect the country's critical infrastructure from Russian offensives, as well as than to organize cyber espionage missions against the Moscow army. The requests of the Ukrainian government were reported to have been disseminated on the forums most frequented by hackers immediately after the Russian attack yesterday morning. According to the analysis of the attacks that have targeted the infrastructures in Ukraine, the emergence of the HermeticWiper malware is recorded, with "a distribution of the wiper - explains Lavi Lazarovitz, Head of Security Research, CyberArk Labs - which does not seem to exploit the vulnerabilities of the chain procurement or other "super-spreader" techniques, which means that the infection will not spread rapidly to other geographic areas. " The feature of HermeticWiper, discovered by Eset and Symantec, is to erase all data contained in mass memories, and has been used to attack thousands of computer systems located on Ukrainian territory, in conjunction with the large-scale military operation operated by Russia . "Malware - according to the analysis of the Axiteia cyber security team - by its nature knows no borders and we expect the presence of HermeticWiper to be detected soon also in Western Europe, and consequently also in Italy. The security specialists are monitoring the situation carefully and taking the first countermeasures ”. According to recent research by Sentinel One, the new wiper malware operates through a signed driver, used to deploy a wiper that wipes Windows devices, after wiping shadow copies and manipulating the MBR after reboot. "The alarm launched by the National Cybersecurity Agency requires a concrete acceleration in the adoption of suitable cyber defense tools - says Gerardo Costabile, CEO of DeepCyber, a company that deals with cybersecurity, cyber intelligence, anti-fraud and data protection - It is urgent to implement digital infrastructures with increasingly sophisticated tools in order to cope with potentially very harmful IT incursions ”. Warning against the malware Hermetic Wiper Constable underlines how “this type of attack is not claimed by anyone, but manages to destabilize the digital part and knows no traditional territorial boundaries, being able to attack anyone without limits of space and political geography. Looking ahead, it is desirable that the States commit themselves to develop a common operational strategy, capable of guaranteeing not only the maximum protection of data and documents, but also the full integrity of digital systems ". but how can you protect yourself from this new type of attack? According to Palo Alto Networks, “there is no single action to be taken to protect organizations from this threat. Unlike a new malware family or an emerging vulnerability - explains the cybersecurity company - potential attacks could come in many forms. Numerous Western governments have proposed recommendations focused on technical hygiene, which Unit 42 considers appropriate, given the variety of tactics Russian actors have used in the past. " Anonymous takes the field against Russia Taking the field alongside Ukraine and announcing a series of cyber attacks against Russia is the hacker collective Anonymous, which announced its position on Twitter, claiming the attack was already launched against the Russian Today television network, with the hackers who have defined RTNews as "the site of Russian propaganda". “Anonymous is currently involved in operations against the Russian Federation - explains the collective - Our operations target the Russian government. It is inevitable that the private sector will also suffer greatly. Put yourself in the shoes of the Ukrainians who are being bombed right now. Together we can change the world, we can resist anything. It is time for the Russian people to unite and say no to Vladimir Putin's war ”. This first announcement was followed by a second one, again via Twitter, in which the hacker collective announced that it had managed to block the Russian Defense Ministry website with a cyber attack. "There are parallel conflicts that have persisted for years where individual states or organizations aim to create damage to infrastructures, operations and communications - explains Hassan Metwalley, CEO and co-founder of Ermes - Intelligent Web Protection - The beginning of the conflict between Russia and Ukraine is was sanctioned by a zeroing of telecommunications within the Ukrainian country even before the military attack. Anonymous's stance is just the umpteenth demonstration of the weight that these 'hacker armies' can assume within national and social policies. The goal of the collective could be the isolation of Moscow and its vital infrastructure ". Cybersecurity brands shine on the stock market The attention around the "cyber" version of the conflict between Russia and Ukraine will have - and has already begun to have - an impact on the stock market performance of companies specializing in cybersecurity, many of which are growing in double figures on Wall Street. According to Wedbush Securities analyst Dan Ives, concerns about cyberattacks could add between 200 and 300 basis points of growth to the sector, which could grow by 20% over the course of 2022.

cyber attacks