Russia Launched an Eight-Year Cyberwar on Ukraine Before Invading, Cybersecurity Expert Explains
Russia lodged a series of cyber-attacks on Ukraine for many years in the run up to war, including planting ‘sleeper cells’ in the U.S. and U.K., according to a cybersecurity expert.
Andrew Jenkinson, Fellow of the CyberTheory Institute, has written a new book examining in-depth the digital warfare that led up to the Russian invasion of Ukraine.
Jenkinson, who has also been named as one of the world’s leading 30 Cyber Security Experts by The European Institute of Risk, says many systems across the world are still vulnerable to attack.
Large-scale cyberattacks
Although cyberattacks are not uncommon, Jenkinson argues that Russia had knowingly been exploiting Ukraine’s digital vulnerabilities as a proving ground for nearly a decade.
He explains: “Malware attacks caused untold damage to the Ukrainian population and government previously, which allowed Russia to fine-tune cyberattacks for further, more global events.
“Russia had been planting cyber sleeper digital cells for years, which means embedding malware into vulnerable systems and waiting for a perfect time to make a co-ordinated strike, especially in the U.S. and the U.K.”
Then came the large-scale cyber offensive, launched by Russia against 70 Ukrainian government websites.
This attack rendered the nation’s digital infrastructure ineffective, causing chaos and meaning the Ukrainian people were unable to communicate with their government and get up-to-date information.
Widespread vulnerabilities
In his book, Digital Blood on Their Hands, Jenkinson claims that security faults were made public knowledge years ago but that few have made significant attempts to rectify them.
He examines whether the attacks could have been prevented and what risks still exist for further attacks.
Jenkinson said: “Ukraine’s current cyberwar started some eight years ago and has been ‘patched up’ using metaphorical band aid plasters to cover gaping wounds ever since.
“We know that the vast majority of organisations, including the Ukraine government, were, and still are, maintaining sub-optimal, insecure and not secure positions of not only their websites and servers.”