WAR WITHIN A WAR
One war that rages all the time is the cyber war, waged between countries for a variety of reasons and in many forms: from propaganda, to meddling in internal issues, to theft of intellectual property, and the list goes on. It can be as exhaustive as the cyber world itself. In the odd situation of an all-out war, the cyber war takes the role of providing supporting fire in areas where either conventional war is of no use, or where it would turn out to be much more effective in debilitating the enemy than the visible damage, effort and spending of a conventional war. Given the nature of critical infrastructure today, cyber war or attacks are very effective.
The IT backbone itself is the most critical: bringing it down, leading to an internet outage or severing of service, makes a serious impact on a large number of activities. Besides that, it sends a clear message to the enemy that the attacker has superiority even in this new theatre of war. Secondly, the functioning of the critical infrastructure of the enemy nation is at risk. All the critical infrastructure that literally runs the nation has critical information infrastructure at its backend. Any effective cyber-attack on it can make the concerned critical infrastructure non-operational without any conspicuous damage. Cyber armies, and in addition non-state actors, take to the cyber battlefield to help support the conventional war effort. The current Russia-Ukraine war is no different. Russia by now is an old grandmaster in this game.
Ukraine has faced regional internet outages, some extending up to a week. This was also an act of war. Europe had earlier faced a massive internet outage as a consequence of this war. And now the Russian cyber offensive is becoming more blatant. Russian hackers have tried attacking Ukraine’s power grid with Industroyer2 malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has informed the world that it has been successful in thwarting a cyber-attack by Sandworm. Sandworm is a hacking group affiliated with Russia’s Military Intelligence. They were trying to sabotage the operations of an unnamed energy provider in the country.
An official statement said, “the attackers attempted to take down several infrastructure components of their target, namely: Electrical substations, Windows-operated computing systems, Linux-operated computing server equipment and active network equipment.” The attempted intrusion involved the use of ICS-capable malware and regular disk wipers. The adversary had unleashed an updated variant of the Industroyer malware. This malware was first used in a 2016 assault on Ukraine’s power grid. Besides using Industroyer2, Sandworm used several destructive malware families including CaddyWiper, OrcShred, SoloShred, and AwfulShred. The attack happened in two waves, the first coinciding with the Russian invasion of Ukraine and the second in April, which allowed the attackers to upload Industroyer2, also known as CrashOverride, which happens to be the biggest threat to industrial control systems since Stuxnet.
CYBER ATTACKS ARE THE MOST POTENT WAY TO BRING ENEMY CRITICAL INFRASTRUCTURE TO A STANDSTILL.