PerspectiveRussia Unleashes New Weapons in Its “Cyber Attack Testing Ground”: Report

Published 10 February 2020

“Ukraine is, by and large, a Russian cyberattack testing ground,” Vitali Kremez told Forbes’s Zak Doffman. “One of the inherent cyber dangers with Russia, China, Iran and North Korea, but particularly with Russia, is the potential for state actors to sharpen their tools and techniques on neighboring countries,” Doffman writes. And Russia “doesn’t have Ukraine in its sights with this costly approach, it is looking much further west.”

“Ukraine is, by and large, a Russian cyberattack testing ground,” Vitali Kremez told Forbes’s Zak Doffman. The head of SentinelLabs has just written a new report which details the actions Russian cyber threat group “Gameredon” is taking against Ukraine, and the wider implications of this. “We assess with high confidence,” Kremez says, “that the Russian targeting and approach towards Ukraine is preparatory and will be replicated across other targets related to the Russian government,” Kremez says.

Doffman writes:

Kremez is using his report to call out an escalation in cyber espionage attacks on strategic Ukrainian targets—security, military and government related. The attacks are using newly modified Windows malware, likely to be the “preparatory stage” for a full cyberattack. Malware that is designed to collect and return data, seeking instructions from a remote command and control server. The new report claims this cyber campaign has now hit as many as five thousand “unique” entities in Ukraine.

Ukraine can be viewed as a microcosm of the wider cyber standoff between Russia and the west. Fighting without actually fighting, as Kremez puts it in his report. But there are many other factors in there as well, including the honing of social engineering to compromise individuals and capture better intelligence—here the phishing even plays on the conflict to incite patriotism in target individuals to bait the click.

One of the inherent cyber dangers with Russia, China, Iran and North Korea, but particularly with Russia, is the potential for state actors to sharpen their tools and techniques on neighboring countries, not just dissident groups. Russia has become the hybrid warfare master. And, as I reported back in September, the state has invested heavily in duplicating capabilities to avoid compromise and intensify the potency of any attack. And it doesn’t have Ukraine in its sights with this costly approach, it is looking much further west.