Governance & Risk Management , Government , Industry Specific

As Russia Invades Ukraine, Cyber Escalation Threat Looms

White House Slams Putin's Move for 'Peacekeeping Force' to Enter Donetsk, Luhansk
As Russia Invades Ukraine, Cyber Escalation Threat Looms
Ukrainian President Volodymyr Zelenskyy denounced the Russian incursion, saying it was "a violation of the sovereignty and territorial integrity of our state."

Russian troops have invaded Ukraine. But it's not clear if that military incursion alone will trigger strong sanctions by the U.S. and NATO allies or be backed by cyberattacks that target Ukraine or its allies.

See Also: Assess Your Organization’s Firmware Security Risk

Ukrainian President Volodymyr Zelenskyy denounced the Russian Federation's invasion, saying it was "a violation of the sovereignty and territorial integrity of our state."

Russian President Vladimir Putin had announced the decision in a lengthy speech on Monday. He characterized Russia's move as involving "peacekeeping forces" aimed at supporting two Moscow-backed breakaway regions in Ukraine - Donetsk and Luhansk - that are part of the eastern region of the country known as the Donbas.

In response, President Joe Biden "strongly condemned President Putin's decision to recognize the so-called Donetsk and Luhansk People's Republics," and the administration "will continue to consult with our allies and partners about both diplomatic solutions and the consequences we will impose on Russia should it further invade Ukraine," a senior White House official said in a Monday press briefing, speaking on condition of anonymity.

Britain, France and Germany have also agreed to respond to Russia's move with sanctions, and the White House will announce additional measures Tuesday, Reuters reports.

The White House official said the Biden administration had anticipated Putin's specific attempt to characterize the invasion as a peacekeeping mission (see: Cybersecurity Readiness Advised as Russian Threats Loom).

In response, Biden on Monday issued an executive order "that will prohibit new investment, trade, and financing by U.S. persons to, from, or in the so-called DNR and LNR regions," the official said. "This EO will also provide authority to impose sanctions on any person determined to operate in those areas of Ukraine."

Biden spoke with both Zelenskyy and French President Emmanuel Macron on Monday night.

Putin announced his decision to move forces into Donetsk and Luhansk on Monday in a lengthy speech filled with a long list of historical grievances. "Let me emphasize once again that Ukraine for us is not just a neighboring country," Putin said. "It is an integral part of our own history, culture, spiritual space. These are our comrades, relatives, among whom are not only colleagues, friends, former colleagues, but also relatives, people connected with us by blood, family ties."

Adding to the confusion, on Tuesday, Russia said it was recognizing for independence not just the regions of Donetsk and Luhansk, but beyond, The Associated Press reported.

White House: Russia Already Occupied Regions

Provided that Russian forces do not advance beyond Donetsk and Luhansk, Moscow's moves might not be sufficient to trigger strong sanctions, given that Russia has already been occupying these regions, at least on the sly, the White House official said.

"I want to take a step back here and point out something that may be lost on people who have not been paying attention to this conflict throughout most of the last eight years, which is that Russia has occupied these regions since 2014," the official said. "It has been Russia's position that there are not Russian forces present in this part of the Donbas. … They're apparently now making a decision to do this in a more overt and open way. But this has been the state of affairs in that region and a big part of why it has been so unstable since 2014."

The chairman of the Senate Foreign Relations Committee, Sen. Bob Menendez, D-N.J., has called on Russian forces to progress no further. "To be clear, if any additional Russian troops or proxy forces cross into Donbas, the Biden administration and our European allies must not hesitate in imposing crushing sanctions. There must be tangible, far-reaching and substantial costs for Russia in response to this unjustified act," he said.

"Despite repeated efforts to open the door to diplomacy, Vladimir Putin has chosen the path of conflict," Menendez added. "Using Ukraine as a battleground to exert the Kremlin's influence only deepens our resolve to stand with the Ukrainian people so they can finally live in peace, determine their own future and live in freedom."

Speaking to Britain's House of Commons on Monday, Defense Secretary Ben Wallace said that an invasion appeared imminent, given the massing of ground forces.

"We should be under no illusion," he said. "The Russian forces have now massed on Ukraine's borders 65% of all their land combat power. The formations present and the action of the Russian state to date not only threatens the integrity of a sovereign state but undermine international law and the democratic values in which all of us in Europe so strongly believe."

Wallace pledged help from Britain in defending Ukraine. "We have made clear our determination to uphold the defensive principles of NATO and to defend the right of sovereign countries to make choices about their own security arrangements," he said. "The Ministry of Defense will continue to monitor Russian actions, support Ukrainian defensive efforts, and contribute to NATO's response measures."

Later on Tuesday, after reviewing Russia's troop movements, the White House began classifying the movement of Russian troops into Ukraine as an "invasion," which is a term it hadn't immediately applied. Following on from Russia's 2014 invasion of Crimea, "we think this is, yes, the beginning of an invasion, Russia's latest invasion into Ukraine," said Jon Finer, principal deputy national security adviser, The Associated Press reported.

Cyberattack Threat

Ukraine has remained on high alert not only due to the massed Russian forces on its border, but also the threat posed by cyberattacks. Russia has historically not shied away from launching disruptive attacks against, including attacks on its power grid in 2015 and 2016.

In 2017, the destructive NotPetya wiper malware attack was launched via Ukraine's primary tax software provider, wreaking havoc globally. The CIA attributed the attack to Russia's GRU military intelligence unit

Since last December, security experts reported that they were tracking an increase in cyberattacks targeting Ukraine, apparently from Russia (see: Cyber Activity Surges as Russia Masses on Ukraine's Border).

The White House says Russia has been running disinformation campaigns aimed at undercutting the President Zelenskyy's legitimacy.

Last month, multiple Ukrainian government sites were defaced, and some wiper malware also used to target government systems (see: Wiper Malware in Ukraine Ties to Summer 2021 Intrusions).

In response, Western cybersecurity agencies warned all organizations to review their business resiliency readiness, in the event that cyberattacks against Ukraine began to cause collateral damage (see: Cyberattack Spillover From Ukraine: Be Prepared, UK Warns).

Report: Ukrainian Domains May Be Disrupted

Ukraine's Computer Emergency Response Team, CERT-UA, on Monday issued an alert warning that sites hosted in Ukraine's top-level domain - .ua - might be targeted for disruption.

The alert was based on a post to the RaidForums cybercrime forum, which has since been deleted. "The report referred to the lease of servers to prepare new attacks on the websites of the public sector, the banking sector and the defense sector," CERT-UA said. "According to this message, the attacks would target web resources hosted in .ua domains."

CERT-UA urged anyone who saw "signs of cyberattacks or abnormal actions in your information systems" to immediately report that to the government.

Stay tuned for updates on this breaking story.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.