March 3, 2022 at
Ukrainian websites have seen a fair share of cyberattacks since the war began a week ago. Apart from using physical warfare, Russia has also engaged in cyber warfare in the ongoing geopolitical conflict. Last week, the Ukrainian government reported that it discovered a series of attacks that targeted some major banks and government websites.
This time, a Ukrainian mapping tool was taken offline after suffering another DDoS attack. The mapping tool, called Liveuamap, is used by relief organizations and journalists to follow the conflicts in Ukraine. However, it’s not clear whether the Russian government was behind the attack.
According to reports, the attack on the mapping tool lasted up to 18 hours before its functionality was restored.
The Websites Gradually Returns Online
The website was launched by Ukrainian software developers and journalists in 2014 and generally operates outside the Eastern European country.
According to the report by Liveuamap, the website has started coming back online and some of its functionalities have been restored with the help of Cloudflare. However, as of the time of writing, the site’s mobile app is still experiencing some issues.
While some may point accusing fingers at Russia, following the recent geopolitical tensions, no evidence connects Russia to the attack yet.
After Russia invaded Ukraine, the latter’s government sites suffered a series of cyberattacks. Following the attacks, Ukraine assembled an IT team to investigate and protect the country from further attacks. Ukraine also launched reparatory cyberattacks to disrupt government websites. In the same weekend, the notorious Anonymous hacking group warned Russia of impending DDoS attacks on Russian government sites if the war against Ukraine continues. The group claimed responsibility for a brief disruption of the website of Russia’s Ministry of Defense.
More Cyber Attacks Looming As War Continues
In today’s world, nations who are in conflict engage themselves with a series of cyberattacks in addition to other warfare. This has proven to be the case between Russia and Ukraine. While both are targeting the online networks predominantly in their respective countries, there is always going to be online casualties from other foreign companies with operating offices in these countries.
As a result, both U.K and U.K government agencies have asked organizations with supply chain ties or other connections with Ukraine and Russia to be more vigilant. Apart from the actions of these nation-state actors, other individual or private hackers may use this type of opportunity to launch their cyber attack campaigns. In times like these, people are usually less vigilant online, which will allow threat actors to strike.
Cybersecurity researchers at Trustwave SpiderLabs are actively monitoring social engineering and phishing techniques that may be used by threat actors during this period. The researchers say they have observed an unusually high volume of cyber activity on the darknet as it relates to the Russian-Ukrainian conflict.
They also noted that these cyber tactics could have a major impact on corporate cybersecurity and the geopolitical conflict in the long term.
Trustwave SpiderLabs also revealed that apart from opportunistic hackers, several darknet forum members are only interested in influencing the conflict from the cyber point of view.
As a result, there can be a high increase in the number of DDoS attacks and counter-attacks against Ukrainian and Russian officials and websites. Some others are more interested in influencing propaganda by launching attacks on the Russian and Ukrainian government websites.
Attacks May Not Come From Ukraine Or Russian Governments
In past geopolitical conflicts, cyberattacks tend to play a much less significant role. But with the level of online awakened and adoption of digital technology, the war is now fought in cyberspace as well.
The researchers also pointed out most of the organized cyberattacks may not be connected to any Russian or Ukrainian government efforts. The activities may be coordinated by hackers who are influenced to pick a side during the geopolitical conflict or merely lone-wolf hackers who are doing it for other reasons.
Several sources have also used Facebook and other social media sites to recruit forces to launch these attacks. Underground cyber defenders are now roaming the internet with different strategies they can use to influence the conflict and use it to their advantage.
As a result, individuals and organizations have been warned to be very vigilant to avoid being caught in the ongoing cyber cross-fire.