Russian Government hackers have likely broadly penetrated Ukrainian military, energy and other critical computer networks to collect intelligence and position themselves potentially to disrupt those systems should Russia launch a military assault on Ukraine, according to newly declassified U.S. intelligence,
The Washington Post reports.
Moscow could seek to disrupt Ukrainian entities that provide critical services such as electricity, transportation, finance and telecommunications - either to support military operations or to sow panic in an attempt to destabilize the country, according to a senior administration official who described the intelligence.
The U.S. government has determined only that Russia could undertake disruptive cyber-activity, not that it will, said the official, who like several others spoke on the condition of anonymity because of the matter’s sensitivity. “We don’t know that they have intention to do so,” the official said. “But we have been working with Ukraine to strengthen their cyberdefenses.”
A Kremlin spokesman did not respond to a request for comment.
On Tuesday, the Ukrainian government’s Center for Strategic Communications and Information Security said that PrivatBank, the nation’s largest commercial bank, was hit with a denial-of-service attack that temporarily interfered with customers’ online banking transactions. Service was restored within hours, the government said.
The websites of Ukraine’s Defense Ministry and armed forces were also disrupted, the agency said. It did not say who was behind the attacks.
Should the conflict with Ukraine escalate, officials fear there could be broader cyberattacks in retaliation for Western sanctions or other moves to support Ukraine.
The concern is so great that on Friday the White House’s deputy national security adviser for cyber, Anne Neuberger, ran a tabletop exercise to ensure that federal agencies were prepared for Russian cyber-assaults that might take place in an escalating conflict with Moscow.
Such events could include a cyberattack against Ukraine, an attack against a NATO member or ransomware. “We wanted to prepare for every scenario,” the official said.
President Biden on Tuesday said that “if Russia attacks the United States or our allies through … disruptive cyberattacks against our companies or critical infrastructure, we are prepared to respond.”
Hackers working for Russia’s Federal Security Service, or FSB, and its military spy agency, the GRU, have been spotted inside Ukraine’s systems, according to a second U.S. official and another person familiar with the matter.
The U.S. government also has been warning critical industries in the United States to ensure their systems are as hardened as possible against cyberattacks as Russia could seek to disrupt electricity, gas and other systems. The Russians have in the past infiltrated the control systems of some American electric utilities, though no disruptions resulted.
