In 2023, two key global conflicts saw cyber capabilities work alongside kinetic warfare. Notably, Russia’s ongoing invasion of Ukraine and the Israeli-Palestinian conflict.
Russian Invasion of Ukraine
Increased Attacks, Reduced Impact
Although cyber-attacks have not been the leading attack method in this war, and have not met previous conceptions of Russia’s reputation as a prolific cyber actor, they have certainly become part of the broader military strategy on both sides. As the war continues to unfold, it is likely that we will continue to observe the exploitation of cyber powers alongside kinetic warfare against both Ukrainian and Russian infrastructure.
In 2023, cyber-attacks against Ukrainian infrastructure continued to be high; however, their sophistication and overall impact reduced. In H1 2023, Ukraine’s State Service of Special Communications and Information Protection of Ukraine (SSSCIP) identified a 123% increase in registered incidents from H2 2022, however, the growth of critical incidents had severely decreased (-81%), and the ratio of high-level critical incidents improved. During this period, attackers appeared to place greater emphasis on the likes of spray and pray and phishing approaches versus sophisticated techniques. With reduced innovation with respect to the technology used and the methods employed, as well as an increasingly opportunistic rather than strategic approach, Ukraine’s defence has grown stronger. Furthermore, Ukraine’s ability to bolster its security defences should not be understated. Prior hostilities between Ukraine and Russia, as well as international and domestic support, have allowed Ukraine to anticipate and build resilience against Russian capabilities, contributing to their success in 2023. Ongoing cooperation with international bodies such as the NATO Cooperative Cyber Defence Centre or Excellence (CCDCOE), as well as private companies such as Microsoft, Google, Amazon, and ESET, continue to fortify their defence.
Influence and Information Operations
Particular emphasis was placed on Russian influence and information operations against Ukraine. Notably, espionage, surveillance and intelligence gathering targeted the Ukrainian civic sector with law enforcement a key interest. The likely suspected objective here being to ascertain information gathered by Ukraine, which could be used to identify Russian war crimes. Such evidence could assist in criminal proceedings against Russian individuals and companies engaged in the war. Advanced Persistent Threat groups (APTs), notably the Russian Federal Security Service (FSB), the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), and the Foreign Intelligence Service of the Russian Federation (SVR), were identified as likely responsible. The threat actors would often revisit previously targeted victims, leveraging information accessed to conduct further operations.
57
Made with FlippingBook - PDF hosting