Moscow began a hybrid war in Ukraine weeks before any battalions entered the country. Ukrainian officials say that Russia stepped up a destabilization campaign involving cyberattacks, economic disruption and new tactics. The new misinformation methods, such as a deluge of emailed bomb threats and texts to residents informing them that ATMs are down, can cause panic. While they may sow immediate doubt and confusion, they can be easily disproved.

       A U.S. official cautioned on Friday that Russia plans to discourage Ukrainian soldiers with false reports about the widespread surrender of Ukrainian troops. Throughout the month U.S. intelligence has warned of several propaganda and panic-causing misinformation strategies that could have a longer-lasting impact. Officials accused the financial blog Zero Hedge of publishing propaganda articles created by Russia-controlled media. They also released declassified intelligence showing Moscow planned to use false video as justification for attack, including scenes of a staged, false explosion with corpses, actors depicting mourners and images of destroyed buildings and military equipment. It appears that no videos have been released.

       A distributed denial-of-service attack Wednesday on major government and financial institutions’ websites was short-lived. However, more destructive cyberattacks in the traditional sense—wiper software, ransomware and other malware—could have long-term or delayed impact on a country’s stability.

       In this conflict there have been no known infrastructure or systems attacks that have caused irreparable harm so far. Some experts at the WSJ CIO Network Summit warned companies to prepare for phishing and password-spraying attacks that recycle passwords from past password data dumps to access corporate networks.

       John Hultquist, director of intelligence analysis at the U.S.-based cyber intelligence firm Mandiant, said major attacks linked to Russia have typically either disrupted critical infrastructure, leading to widespread impact, or relied on either a supply-chain hack or strategic web compromise to infect scores of victims. The recent activity in Ukraine so far appears to lack either of those components, though it is possible those elements exist but haven’t been activated yet, he said.

       It is not always clear who is responsible for these actions, but U.S. and Ukrainian officials have tied many of the recent attacks to Russian military or Kremlin-funded operators. Russia’s security agencies compete with each other, according to the Congressional Research Service, and often conduct similar operations on the same targets, making specific attribution and motivation assessments difficult. There are two primary cyber units run by Russia’s military intelligence agency. Online disinformation and psychological operations are handled by a different special services unit. And the military also controls several research institutes that help develop hacking tools and malware. The Internet Research Agency is headed by a close ally of President Vladimir Putin. The EU is sanctioning the private company because of its role in allegedly spreading disinformation about Ukraine and the current crisis.

       The Harvard Belfer National Cyber Power Index, published in 2020 by the China Cyber Policy Initiative, is useful in comparing Russia with other world powers. The index frames the most comprehensive cyber power as “the country that has (1) the intent to pursue multiple national objectives using cyber means and (2) the capabilities to achieve those objective(s)."

       MINT PREMIUM See All

       Premium Kyiv and Moscow hold talks as Ukrainian troops repel Ru ...

       Premium Women’s cricket World Cup 2022: a preview in five charts

       Premium FX reserves offer good cushion: Anantha Nageswaran

       Premium NSE probe turns to unlawful gainers

       The index weighs two metrics: capability and intent. Capability considers all aspects under control of the government as well as the private sector, both proven and potential. The analysis equally weighs intent across seven objectives.

       In this index, Russia scores low on defense, norms and commercial intent, which weighs down its higher marks in surveillance, control and offense. Offensive cyber operations that can destroy or disable an adversary’s infrastructure and capabilities only account for some of the cyberattacks and misinformation tactics Russia has used so far in Ukraine.

       Subscribe to Mint Newsletters

       * Enter a valid email

       * Thank you for subscribing to our newsletter.

       Never miss a story! Stay connected and informed with Mint. Download our App Now!!