Written by Jakub Przetacznik with Simona Tarpova.
Russia launched its war on Ukraine on 24 February 2022, but Russian cyber-attacks against Ukraine have persisted ever since Russia’s illegal annexation of Crimea in 2014, intensifying just before the 2022 invasion. Over this period, Ukraine’s public, energy, media, financial, business and non-profit sectors have suffered the most. Since 24 February, limited Russian cyber-attacks have undermined the distribution of medicines, food and relief supplies. Their impact has ranged from preventing access to basic services to data theft and disinformation, including through deep fake technology. Other malicious cyber-activity involves sending of phishing emails, distributed denial-of-service attacks, and use of data-wiper malware, backdoors, surveillance software and information stealers.
Organisations and governments around the world have not been indifferent to the hybrid risks thus posed. EU-, US- and NATO-led initiatives have been carried out with the aim of neutralising cyber-threats and protecting essential infrastructure. As part of these initiatives, the EU has activated its Cyber Rapid Response Teams (a project under Permanent Structured Cooperation (PESCO) in the area of security and defence policy), to support Ukraine’s cyber-defence. Non-government and private players have supported Ukraine through various cyber-resilience activities. Since the beginning of the invasion, a significant number of counter-attacks have been launched by independent hackers, affecting the Russian state, security, banking and media systems.
The European Parliament has called for stepping up cybersecurity assistance to Ukraine and for making full use of the EU’s cyber-sanctions regimes against individuals, entities and bodies responsible for or involved in the various cyber-attacks targeting Ukraine.
Read the complete briefing on ‘Russia’s war on Ukraine: Timeline of cyber-attacks‘ in the Think Tank pages of the European Parliament.