In cyberspace, Russia has not yet used all its capabilities

“Parry your shields (Shields up)!” »,let it be known the American agency dedicated to cybersecurity. “Any organization – large or small – must be prepared to face cyber actions”she explains on her website.

→ LIVE. War in Ukraine: follow the course of this 9th day of the Russian attack

Same story in France, on the side of the National Agency for Information Systems Security (Anssi). She “notes the use of cyberattacks in the context of the conflict in Ukraine. In a digital space without borders, these cyberattacks can affect French entities and it is advisable without giving in to panic to anticipate and prepare for a March 2 report.

“Limited impact”

Of which act. Anssi offers on its site a guide to good practice for companies. But the attacks are not at the dreaded level. ” These cyberattacks have limited impacts at the moment “, notes the public actor.

The Russian invasion of February 24 raised fears of the worst. Eset, a major player in IT security, took inventory major attacks between February 23 and 25, notably targeting Ukrainian government sites and banks. The company notes that software of the type wiper – literally “windscreen wiper” – were used. Their goal: to destroy data and therefore neutralize infrastructures.

“The attacks had been planned for several months”

Eset researchers note that “elements of malware (malicious software) suggest that the attacks had been planned for several months” and that in all likelihood “affected organizations were compromised long before the deployment of the malware » with operations carried out as early as 2021. These attacks have not been attributed at this time. However, there is no doubt that the perpetrators are to be found in Russia.

Except that since then, no large-scale attack has been reported. “The Russians are far from using all their cyber capabilitiessays Mike McNerney, vice president of a San Francisco-based cyber risk insurance company. For the moment, the bulk of the attacks observed are more a result of a desire for diversion and disorganization than a real intention to destroy infrastructure. » The focus is on online disinformation and propaganda via armies of “trolls” subservient to the Kremlin, i.e. users who strive to create controversy and confusion on the Web.

Dangerous Liaisons

“The reasons for the Russians’ under-exploitation of their very good cyber capabilities are still unclear»analyzes Ciaran Martin, the former head of the National Cyber ​​Security Center, the British agency dedicated to cyber risk, in a blog post. He notes that the logistical difficulties encountered by the Russian army make it necessary to rely on local infrastructures: “Russia may have decided not to touch the (Ukrainian) Internet network because it needs it for its own communications. It is also possible that, like conventional forces, government hackers were unprepared. »

This does not prevent us from noting some offensives, probably Russian. The Ka-Sat satellite, for example, was the victim of a cyberattack on February 24. Two consequences: in Central Europe, nearly 6,000 wind turbines controlled from the sky have since been out of control and, according to Le Figarothe American operator Viasat, which provides Internet to its customers via this satellite, saw its services stop.

“Do not fall into paranoia”

“There is heightened vigilance at the Ministry of Defence. But there’s no point in falling into paranoiaexplains Lieutenant-Colonel Vincent Tourny, responsible for the security of information systems at the ministry during a round table on the subject. It is up to companies to properly implement the measures. We observe so-called “poor man” attacks based on ransomware or DDOS (denial of service attacks: typically, a network will be saturated with requests, editor’s note). A full-scale attack would be an act of war. »

A close eye is on Russian cybersecurity firm Kaspersky. No attack has been detected in this way, but its software could serve as a gateway. The fact remains that for the moment, if the great cyber war has not taken place, the threat is also maintained by companies that have an interest in it, as summarized by Mike NcNerney: “It’s well known that to sell security solutions, it’s better to scare people! »

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.