Amid the largely kinetic activity involving Russia’s invasion of Ukraine, many changes to the cyber landscape are occurring. Prior to the military invasion, Putin made cyber appeal overtures to his global adversaries. Over the past week, the cyber tables have turned against him. In addition to Ukraine’s cyber offensive operations, Russia has been hit by cyber attacks from vigilante groups like Anonymous and recruits from around the world.
Moreover, when the banks closed, ATMs in Ukraine quickly ran out of hard currency. Many Ukrainian citizens then turned to cryptocurrency to pay for their gas and groceries. Suddenly, the concept of decentralized finance made sense in a real-life scenario. Central banks do not work. So, without cash, how do we pay for things? Crypto is the answer.
The mysterious hacking collective, Anonymous, has made public overtures against Moscow, promising to attack the Russian state’s cyberinfrastructure. Shortly after their first announcement, Russian government websites began going offline, resulting in a repository of confidential documents from the Ministry of Nuclear Safety in Moscow on the Mega file-sharing site. They have continued their cyber offensive over the past month, striking Russian web assets and Kremlin infrastructure, among other targets.
Anonymous, however, is only part of the international cyber effort against Russia. For example, on February 26, Ukrainian Deputy Prime Minister and Minister of Digital Transformation Mykhailo Fedorov asked for help from security researchers around the world and created the “IT Army of Ukraine”. The IT Army is a group of volunteer cyber warriors mandated through the Telegram chat platform. On the Telegram channel, Ukrainian cyber leaders instruct cyber actors around the world to successfully attack Russian digital assets.
Crypto goes mainstream
Regardless of the outcome of the conflict, the currency shift and fight toward cyberinfrastructure will likely have a lasting impact on domestic and foreign policy.
The shift to crypto as the currency of choice during conflicts, driven by the collapse or deliberate closure of traditional banking, legitimizes decentralized finance (DeFi). DeFi, as a concept, represents the separation of government, oversight, and financial market politics. Operating under a DeFi model, the federal government has little to no influence over the value and purchasing power of a given currency. In the case of Ukraine, and now in Russia, the lack of stability or control over the financial sector is pushing people to adopt DeFi (cryptocurrencies) to operate. The fundamental impact of using crypto when the financial system is unreliable will have lasting effects in every country. We now have a solid use case.
Cyber-offensive alongside kinetic attacks marks a new and growing tactic to influence traditional warfare. As cybermercenaries step up their attacks, both unilaterally and with the encouragement of the Ukrainian government, the concept of traditional bilateral kinetic warfare is changing dramatically.
Where the Russians can fight back
Meanwhile, the looming threat of a Russian cyber offensive against the United States and NATO is instilling paranoia and fear in state governments and business entities. The role of years of ransomware attacks against the United States and its allies went largely undiscussed. The impact of these attacks could provide key advantages to Russia should it carry out a state-sanctioned cyberattack. The misunderstanding. Most ransomware attacks emanate from Russia, as Russia has granted unofficial amnesty to actors as long as they do not attack Russian assets. This has been further verified in some of the ransomware codes that would not run if the victim’s keyboard was set to Cyrillic.
Ransomware actors systematically steal data from their victims. Whether or not they settle down with a victim, it is safe to assume that they keep copies of the stolen data. Why would they delete it? It is valuable and data storage is cheap. There is probably a Russian state counterpart with the actors that the FSB/GRU has access to or gets a copy of this stolen data. If Russia were to launch a cyberoffensive, this data would prove invaluable. Exabytes of private US and allied, municipal and federal data. Identifiers, systems information, intellectual property, emails, databases and plans.
Another possible outcome of the conflict is future software supply chain attacks. Russian actors have proven their abilities to carry out these sophisticated attacks in the past. Many companies have outsourced part or all of their software development to Ukraine. If Russia had access to software development companies, it would have the raw materials (source code) to carry out more sophisticated and long-term attacks on the software supply chain for the foreseeable future.