Is cyber the new modern warfare?

For the past week, we have witnessed Russia’s all-out offensive on Ukraine that has resulted in the loss of nearly 2,000 Ukrainian civilians’ lives as I write this, and sadly, more to come.

This conflict has been heartbreaking to watch unfold, to say the least. The pictures and videos of Ukrainian civilians, some as old as our grandparents and as young as grade-school children, being given weapons and getting trained to use them to defend their freedoms and fight off the Russian assault is just gut-wrenching to witness from afar.

While Russian President Vladimir Putin’s troops continue their assault on Ukraine and kill innocent lives as they inch closer to Ukraine’s capital city of Kyiv, we are witnessing two types of warfare going on with this Russia-Ukraine conflict.

In addition to the physical warfare escalating between the two neighboring countries over the last seven days, cyber warfare has escalated during – and most likely prior to - this conflict, to the point that government entities in the United States and abroad are closely monitoring the cyber situation and have issued directives, just in the last week alone, to ensure preparedness and readiness to respond to disruptive cyber activity, both in the U.S. and around the world.

Here in the States, the Cybersecurity & Infrastructure Security Agency (CISA) issued “Shields Up” guidance for U.S. organizations of all sizes to “adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets,” as the agency noted.

These recommended actions include taking the necessary steps to reduce the likelihood of a damaging cyber intrusion, take steps to quickly detect a potential intrusion, ensure that the organization is prepared to respond if an intrusion occurs, and maximize the organization's resilience to a destructive cyber incident.

By following this recommended guidance, CISA noted that “all organizations can make near-term progress toward improving cybersecurity and resilience.”

CISA, together with the Federal Bureau of Investigations (FBI), also issued a joint cybersecurity advisory, “Destructive Malware Targeting Organizations in Ukraine," that provides an overview of destructive malware that has been used to target organizations in Ukraine, as well as guidance on how organizations can detect and protect their networks.

“In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, CISA has been working hand-in-hand with our partners to identify and rapidly share information about malware that could threaten the operations of critical infrastructure here in the U.S.,” CISA Director Jen Easterly said upon release of the advisory.

FBI Cyber Division Assistant Director Bryan Vorndran added, "The FBI, alongside our federal partners, continues to see malicious cyber activity that is targeting our critical infrastructure sector. We are striving to disrupt and diminish these threats. However, we cannot do this alone. We continue to share information with our public and private sector partners and encourage them to report any suspicious activity. We ask that organizations continue to shore up their systems to prevent any increased impediment in the event of an incident."  

Just yesterday, the Security Industry Association (SIA) issued a statement on the conflict in Ukraine, urging all SIA members to be “particularly mindful of the cybersecurity impact that this conflict could have on all U.S. companies, particularly those responsible for protecting critical infrastructure.”

As the U.S. intensifies its efforts to thwart its own cyber threats during the Russia-Ukraine conflict, we have seen how Russia’s cyber attacks on Ukraine have led to a dramatic increase in the number of Virtual Private Network (VPN) installations in Russia.

According to user data released this week by Atlas VPN, Virtual Private Network installs in Russia surged by a whopping 1,906 percent over the last few days. “The interest in VPNs started to increase on Feb. 16, 2022, after the first wave of cyberattacks against Ukraine occurred,” according to Atlas VPN, adding that “if major events continue, we could see numbers ascending even higher.”

In addition to launching missiles, firing weapons and conducting drone strikes, Russia’s full-fledged attack on Ukraine has involved cyberattacks on Ukrainian government and critical infrastructure organizations, as CISA pointed out.

It’s quite apparent from the events of recent days that remaining cyber vigilant is just as critical as protecting one’s borders. We can only hope that Ukraine can withstand the two-pronged attack that Russia has unleashed, and that peace and security – both from a physical and cyber standpoint - can be achieved.