Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Smart TVs, satellites, and billboards all hacked in Ukrainian war

NATO analysis shows cyberwarfare is getting smarter and nastier

Black Hat The ongoing conflict between Russian and the Ukraine has shown the increasing sophistication of state-sponsored hackers and the casualties of war have included some surprising victims.

Dr Kenneth Geers, senior research scientist at Comodo and coauthor of a NATO-funded study into the conflict, told delegates at the Black Hat security conference that the conflict showed that online warfare is a fact of life and we had all better get used to the idea. You can grab his slides here and white paper here [PDFs].

“Last month, at a NATO summit in Poland, they adopted the motion that cyberspace is a legitimate domain of warfare. You can agree with that or not but it doesn’t matter, the world’s most powerful military alliance has declared it so.”

Geers has spent the last two years living in Ukraine and studying how the conflict has played out online, away from the battlefield. He said that as tensions on both sides mounted then there was a corresponding increase in hacking activity.

Back in 2012, when the situation was still jaw-jaw, not war-war, websites in Ukraine - and particularly government sites - were frequently defaced. By 2013 Ukrainian sysadmins saw penetration by advanced malware families such as Red October, miniduke and NetTraveler, laying the ground for future attacks.

By the the conflict became a shooting war in 2014 the gloves came off and Ukraine saw a massive and widespread technological campaign. The State Space Agency of Ukraine satellites found that some of its satellites were p0wned, there were special forces attacks against key data lines, and there were a series of political doxing attacks against NATO and the Ukraine.

For example, in February 2014 a highly embarrassing phone call between US Assistant Secretary of State Victoria Nuland and Geoffrey Pyatt, US ambassador to Ukraine, was leaked. In it Nuland was disparaging about some Ukrainian politicians ands was scathing about EU efforts to broker peace in the area, responding with “Fuck the EU.”.

Geers said that, as the troops were moving, there was a different kind of hacking. There was sudden and major changes to Wikipedia pages relating to the country, smart TV sets in the Ukraine were hacked and started displaying Russian propaganda, and fake social media posts were spammed out.

In the latter case the most infamous example was the case of Igor Rosovskiy, who posted on social media that he was a doctor in the Ukraine who had been prevented from treating the wounded by the “fascist” Ukrainian government. These were immediately picked up by Russian media, even after the posts were debunked and the picture of Rosovskiy was identified as being of a Russian dentist.

These attacks weren’t one sided, however. Ukrainian hackers started taking control of Russian digital billboards and broadcast their own propaganda. But the size, depth, and audacity of the Russian attacks shocked NATO, Geers said.

This culminated in an attack on the 2014 Ukrainian presidential election itself. After votes were cast on election day the official government website reported the wrong result. The hacked site reported that a candidate from a far-right party who received few votes had won, and again Russian media ran with the news.

Then there was the infamous hacking attack against the Ukrainian power system that blocked out 50 substations and left 200,000 people in the dark. Geers said the blackout was initiated by spear phishing staff at electrical utilities, blocking backup systems, with the possible use of a Cisco zero-day to gain control of key systems.

"There is no question cyberwar exists, but whether it rises to being a weapon of mass distraction isn’t certian,” he said. “It’s not decisive I think. But if you’re a tank commander and the opponent has a zero day on an app you need then it’s going to be a long day on the battlefield because modern military hardware is basically a collection of computers.” ®

 

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like