Ukraine conflict and cybercriminals

Cybercriminals and hackers have a prominent role in the Ukraine conflict, as our team reported monitoring the current cyber security situation.

The Ukraine conflict has highlighted the prominent role that cybercriminals and hackers might play in a contemporary war characterised by the extensive use of tech products, social media and the Internet.

Today, March 21st, 2022, the Ukraine conflict marked its twenty-six day of fighting between the Ukrainian and the Russian armed forces. According to Ukrainian official sources, the Russian military troops bombed last night, particularly the Ukrainian capital, Kyiv, and the north-eastern Sumy region, while anti-aircraft warning sirens rang out in at least six other oblasts.

Local authorities reported that the Russian military attacks caused an ammonia leak from the Sumykhimprom chemical plant in the Sumy region even though the Center for Strategic Communications of the Ukrainian Ministry of Culture said on Twitter that the situation is under control.

Last night the Ukrainian Government rejected the Russian request to hand over the city of Mariupol, which is under siege. On the one hand, the Ukrainian Deputy Prime Minister Iryna Vereshchuk confirmed that “Surrender is not an option” and demanded that Russian forces immediately allow safe passage for the civilians’ evacuation. On the other hand, the Russian Defense Ministry argued that it would only establish a humanitarian corridor if Mariupol surrendered.

Whether in Ukraine fighting is still going on, several actors are trying to mediate peace between Kyiv and Moscow in the international arena. Indeed, while the resumption of the Russian-Ukrainian talks in the online format is expected for today, Switzerland stated that it would be ready to host negotiations between Russia and Ukraine or, in any case, to mediate.

Cyber security and cybercriminals

As we reported at the beginning of the conflict (Ukraine conflict: cyber warfare and geopolitical risk), the Ukraine conflict has evolved into a cyberwar between Russian, Ukrainian and international hackers and cybercriminals.

According to Accenture’s report, the world of cybercriminals is currently splitting between Russian and Ukrainian supporters. Accenture’s Cyber ​​Threat Intelligence team, which tracks illegal activity on the dark web, pointed out in its report that, for the first time, financially motivated cybercriminals are divided into ideological factions. The pro-Ukrainian hackers apparently refuse to cooperate with the pro-Russian ones and try to attack entities that support the Moscow government. Instead, pro-Putin hackers attack “enemies of Russia”, particularly in Western countries, they regard as warmongers.

Why does it matter?

The Ukraine conflict has had a massive impact on the world of international relations, changing the balance of power and, as several analysts have pointed out, transforming the global arena into a multipolar world. The conflict has different layers of fighting: military, strategic communications, diplomacy, and cyber.

Since the beginning of the conflict, Anonymous has inflicted considerable damage to the Russian Government hacking its military databases, showing videos and images of the conflicts to the Russian populations through official Russian state media channels, and hunting Russian financial interests and back accounts.

On the other side, the Russian Federation has established a cyber team able to attack Western institutions and economic activities and influence electoral processes, according to the U.S. Intelligence reports. Considering the division between pro-Ukrainian and pro-Russian hackers and cybercriminals that we are experiencing nowadays, the impact of the current cyber warfare might hugely damage U.S. and European specific economic and financial sectors. In this regard, cybercriminals have targeted financial, and insurance institutions and critical infrastructures spreading on the web data source code, chat logs, sensitive material.

In conclusion, it is possible to predict that from both sides, the cyberattacks against critical infrastructures, government websites, and media channels will increase, posing a severe threat to international stability and security and people’s privacy.

Author: Giuliano Bifolchi


Request the full SpecialEurasia report on cyber security and the Ukraine conflict by contacting us HERE. During the last two weeks of march, SpecialEurasia organises a training course in Open Source Intelligence & Geopolitics in the Italian language. The participants will analyse the Ukraine conflict and cyber security as a case study.