Kiev – With cyber attacks already launched against Crimean separatists, the Kremlin and Nato, the ground war may not have started in Ukraine but computer warfare is already raging.
In recent days – and with increasing intensity on Sunday – a virtual war has commenced in the countries at the centre of the worst East-West diplomatic crisis since the end of the Cold War.
The “soldiers” of this war don’t wear uniforms and don’t necessarily swear allegiance to one particular country. Their chosen weapon is the “Denial of Service” attack designed to overwhelm web servers and make their websites unusable.
The attacks accelerated as soon as voting booths opened on Sunday for the referendum in Crimea on whether the region will join Russia.
The site created by separatist groups to monitor the vote was blocked for an hour on Sunday, with the pro-Russian government accusing hackers from an American university, Urbana-Champaign in Illinois, of being behind the attack.
A few hours earlier, Nato, which has come out in support of the new, pro-Western government in Kiev, reported an attack on its servers by Ukrainian hackers using the name “CyberBerkut” which shut down three of its websites.
In a message posted on their own site, the group said it will “not allow a Nato presence on the territory of our homeland”.
The group’s name is a reference to “Berkut”, the riot police unit used by former Ukrainian president Viktor Yanukovych against anti-government protesters prior to his ouster in February.
Although the sites could not be used for several hours, Nato spokesperson Oana Lungescu said the attacks had no operational impact.
A little more than 24 hours earlier, it was the internet sites of the Russian Kremlin, foreign ministry, central bank and press agency Ria Novosti that were targeted.
“These attacks are the digital equivalent of flag-burning” during a protest, said Arne Ansper, an IT security expert in Tallinn.
They “shut down the primary information channel of the attacked organisations, but perhaps the more important goal is to humiliate those organisations”, Ansper added.
Cyber attacks have remained a covert tactic, with governments and international organisations refusing to openly admit their use. Neither Russia nor Nato has admitted to being involved in cyber attacks.
“It is very difficult to identify attackers,” said Ansper. “Anyone can claim the operation. It is even more difficult to tell if they are acting on their own, or if they are fulfilling the orders of someone else.”
Denial of Service attacks had already become a key part of the struggle over Ukraine long before the crisis escalated.
According to a report by British defence firm BAE Systems, a powerful digital virus has infiltrated computers in Ukraine on at least 22 occasions since 2013.
Known as “Snake”, the virus is “one of the most sophisticated and most persistent threats that we have studied”, the report said.
Snake first appeared in 2006, but appears to have been deployed in a more aggressive fashion over the past few months, with Ukraine the primary target.
BAE Systems suspects “a well-organised and technically sophisticated group”, but did not speculate further on the origins of the attacks.
Experts said the virus did not necessarily come directly from the Russian government.
Russia has the means to erase any traces of its cyber intrusions and would have been more discreet, said Eugene Kaspersky, head of the Russian IT security firm that bears his name, saying that Snake looked more like a “phishing virus” than a “cyber weapon”.
- NATO websites targeted in online attack (zdnet.com)
- Ukrainian hackers claim NATO cyber attack (abc.net.au)
- Nato hit in cyber attack linked to Crimea (stuff.co.nz)
- Nato websites targeted in attack claimed by Ukrainian hackers (dawn.com)
- Pro-Russian Hackers Take Down Three NATO Websites (motherboard.vice.com)
- Hackers hit NATO computers (rss.cnn.com)
- NATO computers attacked by hackers (wdsu.com)
- NATO computers attacked by hackers (wyff4.com)
- NATO websites hit by DDoS attack – iT News (itnews.com.au)
- NATO websites hit in cyber attack over Crimea stance (worldbulletin.net)