Thousands of people across Europe were thrown offline by a massive internet outage believed to be part of the Russian offensive on Ukraine. Reporting on the possible cyberattack, approximately 9,000 subscribers of Nordnet, an internet service provider subsidiary of Orange in France, were without internet on February 24.
The internet outage on Viasat affected over 40,000 Bigblu subscribers in France, Germany, Greece, Hungary, Italy, and Poland.
Viasat reported in the US that a cyber-event had caused a partial network outage for its customers in Ukraine and elsewhere in Europe that rely on the KA-SAT satellite. No further details were provided about the events, but the investigative authorities were notified. According to General Michel Frieling, the head of France’s Space Command, it’s obvious there was a cyberattack on Viasat.
In the period immediately after the start of the war in Ukraine, the satellite network that serves Europe and specifically Ukraine came under a cyberattack. The incident made tens of thousands of terminals inoperative. About 5,800 wind turbines were knocked offline in Germany and Central Europe after the attack bringing down 11 gigawatts of power output. Enercom, the German manufacturer, reported having limited control and remote monitoring of wind power converters due to the disruption of satellite connections.
Both military and cyber specialists fear that the Russian-Ukrainian conflict spurs increased cyberattacks with far-reaching consequences in Russia and Ukraine and worldwide. For example, Russia launched a malware attack in June 2017 named NotPetya on Ukraine, which quickly spread worldwide, causing an estimated $10 billion in damage. Governments worldwide are worried that the situation may spill over and lead to an-out cyberwar.
The attacks identified thus far have been restricted in their geographical scope and impact. In Ukraine, cybersecurity companies have identified a new data destroying/wiping virus whose effects are not well known. A spillover effect has been reported, with Ukrainian contractors in Latvia and Lithuania reporting attacks by the wiper malware. Russia has been blamed for several cyberattacks targeting government and banking systems in Ukraine in recent weeks. Websites of several Ukrainian government departments and banks were knocked offline by a distributed denial of service (DDoS) attack. Institutional websites in Russia were made inaccessible from abroad to prevent denial of service attacks.
The global technology infrastructure has ensured that cyber threats can be identified, nullified, and shared information to prevent future occurrences. Through its Threat Intelligence Center, Microsoft reported the detection of destructive cyberattacks on Ukrainian digital infrastructure on the eve of the initial attacks. The attacks labeled FoxBlade included wipers that wipe out data once they enter a network. Hundreds of cyberattacks of different forms have been reported since the war began.
Misinformation campaigns have exacerbated conflicts and even led to genocides. Deaths may happen, for example, when “leaked intelligence” suggests a location is a potential target, and people flee to the following area in safety. However, the safe place becomes an obvious target for attacks leading to the death of vulnerable populations. So far, the effects of misinformation and propaganda have been more psychological.
Hacktivists, proxy groups, and other interested parties have been assembling to form cyberspace armies on either side of the conflict. Anonymous, the hacking group, has joined with Ukraine and has declared war against the Russian government. Ukraine has appealed for citizens of other countries to join them in creating an IT army to counter Russian hacking and cybersecurity overtures. Several European countries such as Lithuania, Croatia, and Poland are offering Ukraine support with the launch of a rapid-response team. Russia has reiterated that it will retaliate with equal or greater force.
Everything and anything found online can be hacked or exploited during a cyberwar. Offensive cyber weapons are now a first-strike tactic in war scenarios. Nothing significant has been recorded, with most incidences being disinformation and espionage. The three primary forms of cyber operations seen this far are wipers, distributed denial of service (DDoS) attacks, and the defacement and fake news. No attack on critical infrastructure has happened, but the situation may worsen.
Cyberwar between Russia and the west is a possibility, but the severity of such events would be limited. Cyberwar cannot be compared to real war since they are mainly non-violent and reversible. Cyberwar poses a severe risk to private interests besides government infrastructure and may have unanticipated consequences.