Total Pageviews

Wednesday, February 23, 2022

Timeline: Ukraine-Russia War and its Cyber Dimension

Here is a timeline of cyberattacks, cyber-related events, political decisions and publications that take place in the context of the Ukraine-Russia crisis and wars. 

(list under construction)

Event

Date

Comment

"Cybernetics has a relatively long history in Ukraine, where its development started in 1947, several years earlier than in the rest of the USSR but about a decade later than in the West".  

1947

https://www.ukrweekly.com/archive/1985/The_Ukrainian_Weekly_1985-28.pdf

     

"in November 1984, it was announced on Radio Moscow that scientists at the Glushkov institute of Cybernetics, which is part of the Ukrainian Academy of Sciences, had developed the first automatic system for teaching school children in the USSR." 

November, 1984

https://www.ukrweekly.com/archive/1985/The_Ukrainian_Weekly_1985-28.pdf

     

"a new supercomputer" was in production at Severodonetsk in the Donelske Oblast. Because of restrictions imposed by the United States government on software exports to the Soviet Union [...] the USSR had developed the computer on its own, and "there is nothing similar anywhere in the world."  

July, 1985

https://www.ukrweekly.com/archive/1985/The_Ukrainian_Weekly_1985-28.pdf

     

Ukraine and Russia, among several other countries, connect to NSFNET  

1993

     

Russian cyberattack against Ukraine: operation "Armageddon".  

2013

Report on Armageddon/Gamaredon Group: https://ssu.gov.ua/uploads/files/DKIB/Technical%20report%20Armagedon.pdf

     

Russian cyberattack; operation "Snake". 

February 2014

     

Attacks against the ukrainian automated system "Elections". 

22-26 May, 2014

     

Russian hackers breach the Ukrainian power grid (using the Trojan virus BlackEnergy)

23 December 2015

Attribution; Sandworm Team (APT)

Kenneth Geers (Ed.), Cyber War in Perspective: Russian agression against Ukraine, CCDCOE, Tallinn, 2015, 175 pages.

2015

Chapter "Cyber Proxies and the Crisis in Ukraine", Tim Maurer, https://ccdcoe.org/uploads/2018/10/Ch09_CyberWarinPerspective_Maurer.pdf      

Ukraine adopted in 2016 a National Cybersecurity Strategy

15 February 2016

     

Emergence of the Ukrainian Cyber Alliance (UCA), community of ukrainian cyber activists. Its goal is to counter russian agression in Ukraine.  

Spring, 2016

List of their cyber operations: https://en.wikipedia.org/wiki/Ukrainian_Cyber_Alliance

     

Second attack against the ukrainian power grid

17 December 2016 Attribution: Electrum  

Ukrainian state institutions have been targeted about 6500 times in the past 2 months.

December, 2016

     

Russian hackers attack Ukraine's Finance Ministry, the State Treasury, and disrupt 150 000 electronic payments.

2016

     

Marie Baezner, Patrice Robin, Hotspot Analysis: Cyber and Information warfare in the Ukrainian conflict, CSS Cyber Defense Project, Zürich, version 1, 32 pages.

June 2017

     

Russia deployes the NotPetya malware via Ukrainian accounting software

27 July 2017

     

The U.S. ambassador to the Ukraine announces a $5 million assistance package to strengthen Ukrainian cyber security efforts during the nation’s first bilateral dialogue on cyber security

29 September 2017

     

Aaron F. Brantly, Nerea M. Cal and Devlin P. Winkelstein, Defending the Borderland, Ukrainian Military Experiences with IO, Cyber, and EW. Army Cyber Institute, West Point, 60 pages. https://apps.dtic.mil/sti/pdfs/AD1046052.pdf

2017

     

Attempted cyberattack against the network equipment of the Auly Chlorine Distillation Station (in Ukraine)

11 July 2018 This cyberattack used the VPNFilter malware

Nadiya Kostyuk, Yuri M. Zhukov, Invisible Digital Front: Can Cyber Attacks Shape Battlefield Events?, Journal of Conflict Resolution, 2019, Vol. 63(2) 317-347  

2019

https://journals.sagepub.com/doi/pdf/10.1177/0022002717737138 "In Ukraine—one of the first armed conflicts where both sides deployed such tools extensively—cyber activities failed to compel discernible changes in battlefield behavior".

     

"Cybersecurity; the geospatial edge". This article mentions that Russia installed a undersea cable across the Strait of Kerch in January 2014. "The cable’s existence strongly suggested Russia was making a move to connect Ukraine’s critical infrastructure with Russia’s."

5 November 2019

ESRI Blog. https://www.esri.com/about/newsroom/blog/german-cybersecurity-experts-use-gis/

Ukrainian authorities ask FBI for help investigating Russian hack on Burisma

January 2020

     

Ukraine’s State Service for Special Communications and Information Protection signes a memorandum of understanding with Huawei on cooperation in the areas of cybersecurity and cyber defense.

15 October 2020

     

Signing of the U.S.-Ukraine Strategic Defense Framework between the U.S.Department of Defense (DoD)and the Ministry of Defence of Ukraine (MOD). Among the priorities of the agreement there is "Strengthening cooperation on cyber security to deter malicious cyber activities on national security systems, to attribute such activities, and to defend against adversaries effectively".

August 31, 2021

     

Malware attack (detected by Microsoft MSTIC) hits government devices, non-profit organizations and information technology organizations in Ukraine

January 13, 2022

     

About 70 government Ukrainian websites are affected by a series of cyberattacks (web defacement)

January 14, 2022

     

Microsoft discovers a new malware family calle WhisperGate

January 15, 2022

     

Decree of the President of Ukraine n°37/2022 on the Plan for the Implementation of the Cybersecurity Strategy of Ukraine. 

February 1, 2022

     

A School of Communication and Cybersecurity Specialists was launched in the Armed Forces of Ukraine.  

February 2, 2022

https://www.facebook.com/permalink.php?story_fbid=496234555367347&id=108487950808678

     

Nikolai Murashov, Deputy Director of the National Coordination Center of the Russian Federation for Computer Incidents, declares that several foreign countries plan to launch cyberattacks against Russia's critical information infrastructures

February 3, 2022

     

Cyberattacks against Ukrainian government websites

February 15, 2022

     

The Ukrainian government asks for the EU’s support of cyber military officials

February 18, 2022

     

U.S. attributes February DDoS attacks to Russia's GRU

February 18, 2022

     

Ahmad Mohee, Cyber war: The hidden side of the Russian-Ukrainian crisis, 4 pages, https://osf.io/preprints/socarxiv/2agd3/download

February 20, 2022

     

EU countries mobilize cyber team to provide cyber defense support to Ukraine

February 21, 2022

     

Cyberattacks against several official Ukrainian websites: 

- Ukrainian Cabinet of Ministers; 

- Ministries of Foreign Affairs, Infrastructure, Education and others

Some banks have been impacted by the attacks

February 23, 2022

DDoS attack, malware attack (that also infects computer systems in neigbouring countries such as Latvia and Lithuania)   

Russian State-backed hackers group known as Sandworm is suspected of having developed the new malware

Donetsk suffered a multi-hour Internet disruption primarily affecting provider Eastnet, amid a wider power outage

23 February 2022

Cyberattack using HermeticWiper

23 February 2022

Russia has launched a series of military attacks against Ukrainian military bases       

 24 February 2022

 

Key Ukrainian government websites are still down early Thursday morning

24 February 2022

                                                  

Cyberattacks using IsaacWiper, target Ukrainian institutions and systems       

 24 February 2022

     

Shares of cybersecurity companies jump: Telos (+14%), Palo Alto Networks (+10%), etc. 

24 February 2022 

     

Cyberattacks against Ka-Sat satellite network. Attribution: Russia?

24 February 2022

Communications have been affected in Europe, in Ukraine, in Germany (5800 affected wind turbines), 10 000 customers of Nordnet in France lost internet access

Kyiv Internet traffic has dropped 60 percent over the course of the day

24 February 2022

Communications have been affected in Europe, in Ukraine, in Germany (5800 affected wind turbines), 10 000 customers of Nordnet in France lost internet access

Ukrainan government calls on hackers underground to help protect critical information infrastructures

February 25, 2022

     

Leaders of the Conti ransomware hackers group announce they are supporting Russia

February 25, 2022

     

Cyberattacks against Ukraine, using a new version of IsaacWiper       

 25 February 2022

     

Anonymous hackers launch cyber war against Russia

February 25, 2022

     

Ukraine says hackers from Belarusian military are targeting private email addresses of Ukrainian military personel. 

February 25, 2022

The Belarusian hackers group is code-named UNC1151 

Russia is restricting access to Facebook 

February 25, 2022

 

Deputy Prime Minister declares that Ukraine will create an IT Army to fight against Russia's cyberattacks. He also published on a Telegram message a list of 31 russian websites that should be targeted by hackers 

February 26, 2022

     

Sur Twitter le vice premier ministre ukrainien s'adresse à Elon Musk: "While your rockets successfully land from space — Russian rockets attack Ukrainian civil people! We ask you to provide Ukraine with Starlink stations and to address sane Russians to stand." 

February 26, 2022

Réponse d'Elon Musk: "Starlink service is now active in Ukraine. More terminals en route."

Ukraine has launched the website 200rf.com to help Russian families track down killed or captured soldiers. 

February 27, 2022

Belarusian hackers attacked the Belarusian Railways, to slow down the transfer of Russia's forces to Ukraine  

February 27, 2022


Conti ransomware group chats have been leaked and published online

February 27, 2022


Ukraine requests to cut off Russia from the Internet         

February 28, 2022  Request sent to ICANN by its Ukraine's representative

USA and UK security agencies (NSA, CISA, FBI, Cyber Command, NCSC) released a joint statement exposing harmful cyber operations by iranian state-sponsored hackers group MuddyWater

February 28, 2022

Several hacker groups and countries are likely to launch cyber operations that are not directly related to the Ukraine-Russia war, but which add threat to an already highly disrupted environment.

Several Russian Websites inaccessible (from France): rt.com, kommersant.ru...

February 28, 2022

     

Several videos of Ukrainian drone missile strikes have been published in the last few days and hours        

February 28, 2022

video on Youtube: 1, 2, 3, 4, etc. 

Alphabet Inc.'s Google temporarily disables Google Maps live traffic data in Ukraine   

February 28, 2022


The Moscow Stock Exchange was offline on Monday 28 February. Today the website still inaccessible.

March 1, 2022


"Meta is stepping up to shut down Russian lies. When will Youtube? We are calling onGoogle to deplatform Russian state media in the strongest possible terms.” M. Fedorov on Twitter 

March 1, 2022


Kyiv-based cybersecurity company Cyber Unit Technologies is organizing a hackaton, promising a $100k bounty payable incryptocurrency to the best online attacks against Russian websites

March 1, 2022


Internet disruption has been reported in Severodonetsk, the acting administrative center of Luhansk Oblast, in Eastern Ukraine

March 1, 2022

     

"The Russia-Ukraine Cyber Conflict and Potential Threats to the US Health Sector", Report, Analyst Note, HHS Cybersecurity Program, 10 pages

March 1, 2022

     

According to cyber security firm Sekoia, nearly 260,000 people have joined the "IT Army" of volunteer hackers. 

March 2, 2022

     

ICANN denies Ukrain request to cut off Russia from the Internet  (letter signed by Göran Marby, President of ICANN)      

March 2, 2022 Official reasons: this is not technically feasible (since the internet is not a centralized system); and this is not the mission of ICANN (that has been built to ensure the internet works, and not to stop it from working): a shut down would also impact all russian citizens, included dissidents. 

Oracle and SAP suspend their operations in Russia

March 2, 2022

     

The Conti ransomware gang dismantled its back-end and C2 infrastructure

March 3, 2022

     

Telecoms blackout in Sumy Oblast, north-eastern Ukraine

March 3, 2022

     

Vedere Labs, Monitoring cyber activities connected to the Russian-Ukrainian Conflict, Briefing Notes, 15 pages.

March 3, 2022

     

Mariupol Internet goes dark as power is cut off

March 3, 2022

     

Elon Musk on Twitter: "Important warning: Starlink is the only non-Russian communications system still working in some parts of Ukraine, so probability of being targeted is high. Please use with caution". Users are advised to only turn on Starlink when needed and to place the antenna as far away from people as possible.

March 3, 2022

     

Mariupol Internet goes dark as power is cut off

March 3, 2022

     

Russia blocks Facebook inside the country

March 4, 2022

     

Russia's new legislation prohibits speech considered as fake news (about military and war in Ukraine).

March 4, 2022

     

The US-based ISP Cogent disconnects its customers in Russia

March 4, 2022

     

Significant telecoms disruption in Kherson Oblast, southern Ukraine

March 4, 2022

     

Ukraine has been included in the NATO CCDCOE as a "contributing participant".

March 4, 2022

     

Major disruption registered on Ukraine's national telecoms operator Ukrtelecom

March 5, 2022

     

The hacktivist group Squad303 releases 1920.in API that may be used to send messages to Russian. The objective is to communicate about what happens in Ukraine.  

March 5, 2022

     

Iranian Internet connectivity is impacted by the war. The internet cable that comes from Russia and goes through Ukraine to Iran, has been cut off in Ukraine.

March 5, 2022

     

TikTok and Netflix block access to their services in Russia.

March 6, 2022

     

Le développeur Brandon Nozaki Miller, alias « RIAEvangelist » modifie l'un de ses logiciels open-source en wipper, pour piéger les utilisateurs russes et bélorusses. These new codes are called "protestware".  

March 7, 2022

L'opération fait des victimes collatérales, dont une association américaine recueillant des preuves de crimes de guerre commis en Ukraine: 30 000 messages et fichiers détruits. Le code malveillant est retiré le 8 mars 2022.

     

The International Atomic Energy Agency (IAEA) says it has lost contact with remote data transmission systems at Chernobyl nuclear power plant.

March 8, 2022

     

The US-based backbone provider Lumen quits Russia

March 8, 2022

     

Ukraine's national telecoms operator, Ukrtelecom, suffered a 40m nationwide outage. The ISP Triolan has been down for more than 12 hours (due to a cyberattack).

March 10, 2022

     

Roskomnadzor leak (publication of 820GB of documents from Roskomnadzor, leaked by Anonymous. The data is published by DDoSecrets)

March 10, 2022

     

Chech Point Research publishes an analysis of Conti ransomware group activities and organization. https://research.checkpoint.com/2022/leaks-of-conti-ransomware-group-paint-picture-of-a-surprisingly-normal-tech-start-up-sort-of/  

March 10, 2022

     

Russia has created its own TLS certificate authority (CA)  

March 10, 2022

https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/

     

"Suspicious Twitter Activity around the Russian Invasion of Ukraine", OSoMe White Paper, Indiana University, 6 pages  

March 10, 2022

The study reports on a dramatic spike in the creation of new accounts around the date of the invasion. https://osome.iu.edu/research/blog/suspicious-twitter-activity-around-the-russian-invasion-of-ukraine/Ukraine_OSoMe_White_Paper_March_2022.pdf

     

According to the CERT UA, ukrainian state organizations have been attacked with Cobalt Strike Beacon, GrimPlant, and GraphSteel malwares.

March 12, 2022

     

Ukraine's defense ministry began using Clearview AI’s facial recognition technology. It may be used to uncover Russian assailants, combat misinformation and identify the dead.

March 12, 2022

     

The Intercept publishes a translated version (from Russian to English) of the Conti leaked conversations. https://theintercept.com/document/2022/03/14/contileaks-translations/

March 14, 2022

     

Micah Lee, Leaked chats show Russian ransomware gang discussing Putin's invasion of Ukraine, The Intercept, https://theintercept.com/2022/03/14/russia-ukraine-conti-russian-hackers/

March 14, 2022

     

Analysts at Slovakia-based ESET discover a 4th wiper malware, used to attack Ukrainian organizations: WaddyWiper.

March 15, 2022

     

"The website of the Ministry of Emergency Situations of Russia was hacked to post a message about the Russian army’s death toll in Ukraine". March 16, 2022

https://www.ukrinform.net/rubric-society/3431826-hackers-deface-russian-emergency-service-website-to-expose-army-death-toll-in-ukraine.html

     

Ukraine legalizes cryptocurrencies

March 17, 2022

     

Anonymous says it has attacked 2500 Russian and Belarussian websites, in support of Ukraine.  

March 17, 2022

     

Anonymous hackers have claimed to hack the Central Bank of Russia and steal 35,000 files (28GB of data).  

March 23, 2022

     

SAP is shutting down its cloud operations in Russia /  

March 24, 2022

     

According to state railway operator Ukrzaliznytsia’s press service, the company's online ticketing and telephone services have been hacked.  

March 24, 2022

https://kyivindependent.com/uncategorized/ukrzaliznytsia-says-it-was-hacked/

     

Anonymous has created a new website to host its leaks: anonymousleaks.xyz  

March 27, 2022

     

The hackers group NB65, linked to Anonymous, claims via Twitter it hacked all Russia State Television and Radio Broadcasting Company.  

March 27, 2022

     

Ukraine’s state-owned telecommunications company Ukrtelecom has been victim of a powerful cyberattack on Monday 28, 2022  

March 28, 2022

     

"the Ukrainian Defense Ministry’s Directorate of Intelligence published personal data of over 600 alleged Russian intelligence officials online claiming that the leak belongs to FSB (Federal Security Service) agents".  

March 28, 2022

https://www.hackread.com/ukraine-leak-personal-details-alleged-fsb-agents/ This practice is also known as "doxing".

     

Kaspersky antivirus software has been added to US national security risk list 

March 28, 2022

This is not the first time Kaspersky has been banned in the US

     

Russia accuses the United States of leading a massive campaign of cyber aggressions targeting its critical infratructures. https://www.insidetelecom.com/russia-accuses-u-s-of-massive-cyber-aggression/  

March 29, 2022

     

The Ukraine CERT (CERT UA) published information concerning MarsStealer malware attacks against Ukraine's citizens and government institutions. (CERT-UA # 4315)  

March 30, 2022

https://cert.gov.ua/article/38606

     

New website "Meta History Museul of War". This project combines "blockchain technology and contemporary art to document the historical truth about the Russian Federation's war against Ukraine" (https://www.ukrinform.net/rubric-society/3446005-worlds-first-nft-museum-of-war-raises-more-than-600000-to-support-ukraine.html).  

April 1, 2022

https://metahistory.gallery/

     

Ukraine's military intelligence publishes a list of Russian militaries (names, passports, ranks) stationed in Bucha. /  

April 4, 2022

     

The Ukraine CERT (CERT UA) published information concerning the UAC-0010 (Armageddon) cyberattacks against european countries institutions.(CERT-UA # 4334)  

April 5, 2022

https://cert.gov.ua/article/39086

     

The Ukraine CERT (CERT UA) published information concerning the UAC-0010 (Armageddon) cyberattacks against Ukraine's government institutions.(CERT-UA # 4378)  

April 5, 2022

https://cert.gov.ua/article/39138

     

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned the Russia-based darknet market, Hydra Market (Hydra), in cooperation with the German Federal Criminal Police who shut down Hydra servers in Germany and seized $25 million worth of bitcoin.  

April 5, 2022

     

Ukraine's security and intelligence service is warning of a new wave of cyber attacks that are targetting users'Telegram accounts.  

April 6, 2022

https://thehackernews.com/2022/04/ukraine-warns-of-cyber-attack-aiming-to.html The attacks are attributed to a threat cluster called "UAC-0094".

     

"The U.S. Agency for International Development said it delivered 5,000 of SpaceX’s Starlink terminals to Ukraine".  

April 6, 2022

https://www.bloomberg.com/news/articles/2022-04-06/u-s-sends-5-000-spacex-starlink-internet-terminals-to-ukraine

     

U.S.Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU)  

April 6, 2022

The operation was conducted in March 2022. https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-disruption-botnet-controlled-russian-federation

     

Microsoft says it has disrupted cyber attacks attributed to Strontium, a hacking group linked to Russia’s military intelligence. The hackers tried to attack US and EU institutions.  

April 7, 2022

     

A map titled "where do orcs come from?" has been published online. Tha map has been created using Google Maps and the data published by the Ukraine defense intelligence services. Its is based on the passport data of the russian militaries that acted in Bucha.  

April 7, 2022

https://www.google.com/maps/d/u/0/viewer?fbclid=IwAR33aCBYyhQM_NcR0Ws6APGxtR0h31coRrQO1POkGtwTzCmwpGL1mszOlHE&mid=1QVvmDMJz3QA5NieKQ7aF_eJAJMISZ20M&ll=55.36253108330107%2C82.93391542951697&z=3

     

The CERT-UA informs that the hackers group Sandworm (UAC-0082) has launched cyberattacks against Ukraine's energy infrastructures, using the malwares INDUSTROYER2 and CADDYWIPER (CERT-UA # 4435)  

April 12, 2022

https://cert.gov.ua/article/39518

     

US-based Cogent Communications began shutting down business with Russian customers.  

April 15, 2022

https://a6soft.com/major-us-internet-backbone-provider-terminates-service-with-russia/

     

Ukraine CERT informs about a phishing attack on Facebook (fake Ukraine 24 Channel). (CERT-UA # 4492)  

April 19, 2022

https://cert.gov.ua/article/38374

     

Joint Cybersecurity Advisory. CISA. Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure. 20 pages report. April 20, 2022

https://www.cisa.gov/uscert/sites/default/files/publications/AA22-110A_Joint_CSA_Russian_State-Sponsored_and_Criminal_Cyber_Threats_to_Critical_Infrastructure_4_20_22_Final.pdf

     

Ukraine’s postal service hit by cyberattack after sales of warship stamp go online April 22, 2022

     

Anonymous hacked nearly 1.1 million emails (1.1 TB ) from ALET, a Russian customs broker for companies in the fuel and energy industries April 25, 2022

https://twitter.com/YourAnonTV/status/1518525076286676993?s=20&t=Ng5oSqILAGJritHi78e4LA Documents are available at https://ddosecrets.com/wiki/ALET

     

Article: Eichensehr, Kristen, Ukraine, Cyberattacks, and the Lessons for International Law (April 25, 2022). 116 Am. J. Int'l L. Unbound, Forthcoming 2022, Virginia Public Law and Legal Theory Research Paper No. 2022-30 April 25, 2022

Available at SSRN: https://ssrn.com/abstract=4093044

     

Cyberattack UAC-0056 against ukraine with the malware GraphSteel and Grimplant. (CERT-UA # 4545) April 26, 2022

https://cert.gov.ua/article/39882

     

"Special report : Ukraine. An overview of Russia’s cyberattack activity in Ukraine". Report published by Microsoft. April 27, 2022

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Vwwd. According to this report, Russia-aligned hackers have launched 237 cyberattacks against Ukraine from February 23 to April 8, including 38 destructive attacks.

     

Vladimir Putin signed the Executive Order On Additional Measures to Ensure Cybersecurity of the Russian Federation May 1, 2022

"The Executive Order determines which organisations may be involved in ensuring cybersecurity, as well as detecting, preventing and relieving the consequences of cyberattacks. In addition, it envisages appropriate rights for Federal Security Service bodies’ officials, as well as immediate implementation of organisational or technical measures. " http://en.kremlin.ru/acts/news/68322

     

Has Russia really been attacked by chinese hackers? May 4, 2022

https://cloud7.news/security/russia-is-being-targeted-by-chinese-hackers/

     

"1,400 Bangladeshi IP address used for cyber-attack in Russia and Ukraine" May 5, 2022

https://www.thedailystar.net/tech-startup/news/1400-bangladeshi-ip-address-used-cyber-attack-russia-ukraine-3017141

     

"The U.S. rushed cyber forces to Lithuania to help defend against online threats that have risen since Russia’s invasion of Ukraine". May 5, 2022

https://www.msn.com/en-us/news/world/u-s-sent-cyber-team-to-lithuania-over-russia-hacking-threat/ar-AAWW2I5

     

"Hackers replaced Russian TV schedules during Putin's 'Victory Day' parade with anti-war messages". May 9, 2022

https://www.businessinsider.com/russia-victory-day-tv-broadcasts-hacked-anti-war-messages-2022-5?r=US&IR=T

     

RuTube has been hacked. The platform is offline. May 10, 2022

     

Pro-Russian hackers'group Killnet has attacked the websites of several Italian institutions (The websites of the senate, Italy's upper house of parliament, the National Health Institute (ISS), the Automobile Club d'Italia...) May 11, 2022

https://www.reuters.com/world/europe/pro-russian-hackers-target-italy-defence-ministry-senate-websites-ansa-news-2022-05-11/

     

Armageddon APT Targeting Ukraine Through the Delivery of GammaLoad.PS1_v2 Malware May 12, 2022

https://cert.gov.ua/article/40240

     

A new fibe-optic internet cable has been istalled in Kherson region May 21, 2022

https://www.pnp.ru/social/v-khersonskuyu-oblast-proveli-internet-iz-kryma.html?utm_source=pnpru&utm_medium=story&utm_campaign=main_page

     

US confirms cyberattacks on Russia in Ukraine war June 1, 2022

https://techmonitor.ai/technology/cybersecurity/us-russia-cyberattacks-ukraine-war

     

"Hackers targeted Russian radio station Kommersant FM (...), broadcasting the Ukrainian national anthem and anti-war songs to protest Moscow’s invasion of Ukraine". June 8, 2022

https://www.themoscowtimes.com/2022/06/08/russian-radio-station-hacked-to-play-ukrainian-national-anthem-a77941

     

Lithuania under russian cyberattacks. Series of DDoS attacks target websites of government agencies and private companies. June 27, 2022

     

Declaration by the High Representative on behalf of the European Union on malicious cyber activities conducted by hackers and hacker groups in the context of Russia’s aggression against Ukraine. Council of the EU. July 22, 2022

https://www.consilium.europa.eu/en/press/press-releases/2022/07/19/declaration-by-the-high-representative-on-behalf-of-the-european-union-on-malicious-cyber-activities-conducted-by-hackers-and-hacker-groups-in-the-context-of-russia-s-aggression-against-ukraine/

     

Ukraine Cyber Chief Visits 'Black Hat' Hacker Meeting in Las Vegas August 11, 2022

https://www.voanews.com/a/ukraine-cyber-chief-visits-black-hat-hacker-meeting-in-las-vegas-/6698617.html

     

Ukrainian hackers attacked (DDoS attack) russian video-conference platforms such as TrueConf, Videomost, Webinar.ru, iMind, and other. August 12, 2022

https://lenta.ru/news/2022/08/29/zoom/

     

Ukraine’s nuclear operator Energoatom on Tuesday reported what it called an “unprecedented” cyberattack on its website August 16, 2022

https://www.thedefensepost.com/2022/08/17/ukraine-nuclear-operator-cyberattack/

     

Estonia hit by cyberattacks from Russian group Killnet. This attack is said to be the most extensive one Estonia has faced since 2007. August 18, 2022

https://www.euronews.com/next/2022/08/18/estonia-hit-by-most-extensive-cyberattack-since-2007-amid-tensions-with-russia-over-ukrain

     

Russian services have organised coordinated cyber-attacks on Montenegrin government servers twice since August 22 August 22, 2022

https://balkaninsight.com/2022/08/26/montenegro-accuses-russia-of-cyber-attacks-on-govt-server/

     

Ukraine and Poland agree to jointly counter Russian cyberattacks August 23, 2022

https://therecord.media/ukraine-and-poland-agree-to-jointly-counter-russian-cyberattacks/

     

Ukrainian hackers have attacked the russian software provider Right Line (main provider of online banking applications in Russia). August 23, 2022

https://news.rambler.ru/internet/49215683-ukrainskie-hakery-vzlomali-postavschika-po-dlya-zaschity-rossiyskih-bankov/

     

Dell Technologies exits Russia August 27, 2022

https://www.msspalert.com/cybersecurity-news/ukraine-russia-cyberattack-timeline-updates-amid-russia-invasion/

     

Ericsson, Nokia, Logitech say they will exit Russia August 29, 2022

https://www.msspalert.com/cybersecurity-news/ukraine-russia-cyberattack-timeline-updates-amid-russia-invasion/

     

"Someone hacked #YandexTaxi and ordered all available taxis to Kutuzov Prospect in Moscow " September 1, 2022

https://twitter.com/AnonOpsSE/status/1565447434465148928

     

"Ukrainian hackers created fake profiles of attractive women to trick Russian soldiers into sharing their location". September 5, 2022

https://www.businessinsider.com/ukraine-hackers-create-fake-profiles-russia-troops-share-location-ft-2022-9?r=US&IR=T

     

Pro-Russian hackers have attacked MI5’s public website. A group called Anonymous Russia claimed responsibility for the outage. Countries supporting Ukraine are targeted by pro-russian hackers. September 30, 2022

https://www.independent.co.uk/news/uk/home-news/russian-cyber-attacks-mi5-anonymous-b2184446.html

     



The https://liveuamap.com/ website/application provides live updated information about the conflict in Ukraine. 



Thursday, February 17, 2022

Hearing on “China’s Cyber Capabilities: Warfare, Espionage, and Implications for the United States”

Testimony before the U.S.-China Economic and Security Review Commission Hearing on “China’s Cyber Capabilities: Warfare, Espionage, and Implications for the United States”. February 17, 2022. Winnona DeSombre Research Fellow - Atlantic Council & Harvard Belfer Center. 16 pages. 

Le rapporteur devait tenter de répondre à quelques questions: que fait la Chine pour devenir une cyberpuissance cyber ("cyber superpower"); comment Chine et USA se situent-ils l'un par rapport à l'autre en termes de puissance cyber et de capacités cyber-offensives. 

Les réponses de Winnona DeSombre ne surprennent guère: la Chine est un concurrent majeur dans le cyberespace; elle veut dominer l'espace informationnel; la Chine développe un arsenal avec lequel les Etats-Unis ne peuvent rivaliser car contraints par des règles internationales et la législation nationale; la Chine utilise ses acteurs privés pour mener des cyber-opérations; et enfin "The United States does not currently have adequate cyber defenses, personnel, supply chain security, or international technical and standards leadership to rival China long-term." 

Le ton se veut résolument alarmiste, mais qui peut sérieusement croire que les Etats-Unis ne disposeraient pas des moyens de rivaliser avec la Chine? 


UK Cyber Security Sectoral Analysis 2022

Le Department for Digital, Culture Media & Sport du Royaume-Uni vient de publier une étude sur le secteur de la cybersécurité britannique. 1838 entreprises ont été identifiées, comptant près de 53000 salariés (équivalent temps-plein), soit 6000 de plus que l'année précédente. Cette étude sectorielle analyse en détail l'offre commerciale, mais aussi la distribution géographique de ces entreprises sur le sol britannique (majoritairement localisées, sans grande surprise, à Londres et au Sud-Est de l'Angleterre), les clusters de cybersécurité, la contribution du secteur à l'économie nationale, etc. 

Wednesday, February 9, 2022

Entretien au journal Le Point

Entretien accordé au journal Le Point, article sur la situation en Ukraine publié le 24 janvier 2022 (rédigé par Ava Luquet). 

Article

Tuesday, February 8, 2022

Wassenaar Arrangement

Carte des Etats participant à l'Arrangement de Wassenaar (réalisée à partir des données publiées sur le site Wassenaar.org)