Cyberwarfare: Everything you need to know

Alongside the missiles and bombs slamming down in Ukraine, the country has also been hit by a wave of cyberattacks targeting critical infrastructure companies. The timing and scale of the attacks point towards hackers working at the behest of Russia. Mint explains: 

What has happened in Ukraine so far? 

Ukraine has been one of the primary targets of Russia since 2020. The recent spate of attacks started in mid-January and knocked out websites of the ministry of foreign affairs and the ministry of education. The attacks have intensified in the last few weeks and now, banks in Ukraine are being targeted. Ukraine’s minister of digital transformation said this week that more government websites and a number of banks have been hit by another mass distributed denial of service (DDoS) attacks this week. DDoS attacks disrupt online services by overwhelming websites with more traffic than their server can handle. 

What is cyberwarfare? 

Cyberwarfare has emerged as a new form of retaliation or passive aggression deployed by nations that do not want to go to actual war but want to send a tough message to their opponents. In June 2020, security experts from Cyfirma uncovered a conspiracy by Gothic Panda and Stone Panda, two China-based hacker groups, to target media and critical infra companies in India with large-scale attacks amid the border stand-off between India and China in Ladakh. For many countries, cyberwarfare is a never-ending battle as it allows them to constantly harass and weaken geopolitical rivals. Russia is one of the top perpetrators of state-backed cyberattacks, followed by North Korea, Iran and China. 

Which sectors are targeted and why? 

State-backed cyberattacks are usually carried out to steal state secrets, trade deals and weapons blueprint, or target large multinationals to steal their intellectual property (IP) and use it to build local industry. Cryptos are also on the radar now. North Korean hackers reportedly stole cryptos worth $400 million in 2021. However, when states launch cyberattacks on other states as a result of worsening of geopolitical relations, the target is usually critical infrastructure firms to disrupt economic activity. According to Microsoft, government agencies, NGOs and think tanks are most targeted followed by education, IT and health. 

How often is India targeted? 

Such cyberattacks rose 100% bet-ween 2017 and 2021, according to a global study by Hewlett-Packard and the University of Surrey. Though India is not one of the top targets of nation state backed attackers, several state-backed attacks on India have been reported in recent years. For instance, in 2019, the administrative network of the Kudankulam Nuclear Power Plant was hit by a malware attack by North Korea-backed Lazarus Group. China-backed hackers were believed to be behind a power outage in Mumbai in 2020. According to Black Lotus Labs, Pakistan-based hackers targeted power firms and one government organization in India in early 2021 using Remote Access Trojans.