Russian Hackers Slammed Ukraine After Invasion, Google Says

Russian state-sponsored hackers have inundated Ukrainian targets with a “near-constant digital attack” in the year since the invasion, Alphabet Inc.’s Google said in a new report.

(Bloomberg) — Russian state-sponsored hackers have inundated Ukrainian targets with a “near-constant digital attack” in the year since the invasion, Alphabet Inc.’s Google said in a new report.

In a report released Thursday ahead of the Munich Security Conference, Google’s Threat Analysis Group (TAG) said that Russian government-backed attackers increased their attempted hacks on Ukrainian users last year by 250% compared with 2020. The company used 2020 as a baseline because there was an increase in attacks in the run-up to the war. 

Ukraine’s ministries of Defense, Foreign Affairs and the National Agency for Service were among the top targets last year, Google said. 

The US and UK previously blamed Russia for a cyberattack on a satellite network that resulted in communication blackouts for parts of Ukraine prior to the war. Ukrainian officials also said that malicious cyber activity represents one aspect of hybrid warfare that’s intended to destabilize Ukraine. 

Hackers also have increased their focus on members of the North Atlantic Treaty Organization, particularly Poland, Germany and the Baltic states, Google said. In 2023, Google said, it expects Moscow to step up attacks not only on Ukraine but also on NATO partners. 

NATO countries experienced a 300% increase in Russian phishing campaigns last year compared to 2020, according to the report. Pushcha, which originated in Moscow’s ally Belarus, targeted Poland and Lithuania in 2022, while Russia’s Coldriver targeted European militaries, it found.

“It is clear cyber will continue to play an integral role in future armed conflict, supplementing traditional forms of warfare,” researchers from Google’s TAG group said in the report.  

Attacks against Ukraine’s cyber infrastructure haven’t just originated from Russia, Google reported. Highlighting “Curious George,” a group that the Threat Analysis Group attributes to the Chinese military, Google said there has been a shift in focus from Russian and Mongolian toward Ukrainian government organizations.

(Updates with phishing campaigns against NATO in sixth paragraph. A previous version of this article corrected the reason 2020 was used as a baseline.)

More stories like this are available on bloomberg.com

©2023 Bloomberg L.P.