Introduction
When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in the cyber domain did not match their predictions[1]. Since the beginning of the fighting, new cyberattacks taking place in Ukraine have been identified every week, which lead to a variety of interpretations – and indeed a global feeling of confusion. In this report, we aim to provide a strategic technical assessment of our understanding of current events.
Much of the debate around the situation concerns the question of whether or not a cyberwar is taking place. However, we find this question to be entirely irrelevant. While there is no question that a high number of cyberattacks have taken place and are still taking place in the country, we recognize that the overwhelming majority of cyber events thus far have been overshadowed by the kinetic aspects of the conflict. We nevertheless do still see value in attempting to interpret the data at hand, in alignment with Kaspersky’s constant commitment to understand more about threat actors and how they are organized.
Therefore, with this article, our core aim is to share a threat landscape overview, which Kaspersky cybersecurity researchers in its Global Research and Analysis Team (GReAT) are observing in relation to the conflict, with the wider international community and thus to contribute to broader ongoing cyber-stability discussions of threat-related insights.
Overview of cyber activities
Since the beginning of the war, the international community has observed a very high number of attacks of various kinds and degrees of sophistication. These attacks include:
Destructive attacks such ..
Support the originator by clicking the read the rest link below.
