In addition to the physical war, a digital war is being waged in Ukraine. After the Russian invasion and subsequent sanctions imposed by countries around the world, the number of cyberattacks in the world has skyrocketed. This is how Candid Wüest, Vice President of Cybersecurity Research at Acronis and advisor to the Swiss Federal Government on cybersecurity risks, explains: “Usually the things people talk about generate emotion and that’s when these kinds of things start to happen. Attacks”.
Wüest, a frequent speaker at cybersecurity conferences, stresses that many people have been surprised that these cyberwarfare attacks “are not as destructive as most people would have imagined.” Remember that in 2015 there was a huge blackout in Ukraine due to a digital attack. “The attackers, possibly the Russians, entered the electrical grid and cut power to thousands of homes,” he says in an interview at CyberFit Summit 2022, an event organized in Miami called by cybersecurity firm Acronis EL PAÍS.
This attack, which was “truly devastating”, prompted Ukraine to improve its defense. Since the invasion of Ukraine began, in February 2022, “the only major attack occurred against the satellite provider, taking advantage of the fact that the military used this type of communication.” The accident had collateral damage. In Germany, more than 4,000 wind turbines using satellite communications have “offlined”. “They were still producing energy, but they could no longer control it,” he explains.
The rest of the attacks did not have “extremely devastating” consequences. Most are denial-of-service attacks (an attack that seeks to disrupt or disrupt a website, network, or other online service by overloading it with a large amount of unwanted or false requests). “All government websites in different countries have been attacked and some of them are no longer available because they were bombarded with junk data, because someone exploited some vulnerabilities or because the admin password was weak and they managed to guess it,” he says.
There have also been some data breaches. According to his account, there are some volunteers calling themselves hacking activists who have hacked companies to steal and leak information. For example, “Customer data from several oil or gas companies.” The goal is to “shame them, blame them a bit, point out that they make a lot of money and try to put pressure on them.”
However, in such a conflict, more catastrophic attacks could ensue. “Most people are afraid that something will explode,” he notes. He gives the example of Stuxnet, a computer worm that in 2010 attacked Iran’s uranium enrichment facility. “They were able to break the entire network and the malware was able to disable and damage the centrifuges used in the uranium industry.” Such an attack, according to the expert, could cause radioactive materials to spill or even explode: “It would be very bad because no one wants a new Chernobyl.”
Among the attacks that the expert fears is also the paralysis of the financial market. Something that would cause “chaos and turmoil”. “If all the banks are shut down and no one can get money from the ATM or no one gets any salary, it could potentially lead to civil unrest,” he says. This situation could be exacerbated “if the water and electricity supplies are cut off”.
“Spying was there before, but now instead of putting a microphone in the politician’s room, they are going after his mobile phone directly”
Russia in October accelerated its plan to cut off energy supplies to the Ukrainian population during the cold months. The bombings destroyed at least 30% of the country’s electricity production plants, according to Ukrainian President Volodymyr Zelensky. If cutting off power with a cyberattack was so easy, “it probably would have happened by now.”
Added to this is that if a country carries out a cyberattack of this kind, “there will of course be a response, and in general, countries don’t want that to happen either.” “If someone turns off all the electricity in Ukraine, another country would probably respond and they don’t want that to happen because they’re all vulnerable to similar attacks, since all the infrastructure has similar technology, whether it’s in Russia or in the United States.”
Protecting critical infrastructure
Among the main mistakes of governments related to cybersecurity, the expert mentions the protection of critical infrastructures, which are sometimes privatized – as is the case of the electric grid in some countries. “The government should support and help these companies that generally don’t want to work with them because they don’t get any benefit,” he explains.
Wüest is part of a group that helps protect critical infrastructure in Switzerland. Many companies “say they know they have some weaknesses, but they don’t have the budget to fix them.” This leaves the government in a “difficult position”: “Does he pay for it?” The expert is not sure of the best solution. If you pay, you run the risk that companies will stop fixing vulnerabilities and ask you for more money. But if you force companies to pay, “you change the competition.” “I’ve been telling them they need to pay a few million more because they haven’t done anything in the past and it’s not fair.”
Espionage in the digital age
Politicians also face threats such as espionage. The British newspaper Mail reported on Sunday that the personal phone of former British Prime Minister Liz Truss was hacked while she was still the head of foreign affairs. In theory, the cyber spies intercepted secret messages with international politicians on topics such as the war in Ukraine. “It’s nothing new in the digital age, it used to happen before, but now instead of having a microphone in the hotel room, they go right behind their computers and cell phones,” he says.
Wüest finds it terrifying to think how much control someone can have just with access to a cell phone. In the case of a politician, you can listen to their conversations and find out, for example, “what is being planned, if there is a wave of attacks somewhere or if they are going to try to impose some sanctions and try to counter these measures”. In addition to accessing emails and calendars, cyber espionage can send text messages: “Technically, you could send a message saying ‘we should totally attack this country’ or ‘we should stop applying sanctions to it’ and that’s something that could potentially happen.” “.
You can follow country technology in Facebook s Twitter Or sign up here to receive The weekly newsletter.