KIEV – With cyberattacks already launched against Crimean separatists, the Kremlin and NATO, the ground war may not have started in Ukraine, but computer warfare is already raging.
In recent days — and with increasing intensity Sunday — a virtual war has commenced in the countries at the center of the worst East-West diplomatic crisis since the end of the Cold War.
The “soldiers” of this war do not wear uniforms and don’t necessarily swear allegiance to one particular country. Their chosen weapon is distributed denial of service (DDoS), an attack designed to overwhelm Web servers and make their websites unusable.
The attacks accelerated as soon as voting booths opened Sunday for the referendum in Crimea, which saw 96.8 percent of voters back leaving Ukraine to join Russia. The site created by separatist groups to monitor the vote was blocked for an hour Sunday, with the pro-Russian government accusing hackers from the University of Illinois, Urbana-Champaign of being behind the attack.
A few hours earlier, NATO, which has come out in support of the new, pro-Western government in Kiev, reported an attack on its servers by Ukrainian hackers using the name “CyberBerkut,” which shut down three of its websites.
In a message posted on their own site, the group said it will “not allow a NATO presence on the territory of our homeland.”
The group’s name is a reference to Berkut, the riot police unit used by Ukrainian President Viktor Yanukovych against antigovernment protesters prior to his ouster last month.
Although the sites could not be used for several hours, NATO representative Oana Lungescu said the attacks had no operational impact.
A little more than 24 hours earlier, it was the Internet sites of the Kremlin, Russian Foreign Ministry, central bank and press agency Ria Novosti that were targeted.
“These attacks are the digital equivalent of flag-burning” during a protest, said Arne Ansper, an IT security expert in Tallinn.
They “shut down the primary information channel of the attacked organizations, but perhaps the more important goal is to humiliate those organizations,” Ansper added.
Cyberattacks have remained a covert tactic, with governments and international organizations refusing to openly admit their use. Neither Russia nor NATO has admitted to being involved in cyberattacks.
“It is very difficult to identify attackers,” said Ansper. “Anyone can claim the operation. It is even more difficult to tell if they are acting on their own, or if they are fulfilling the orders of someone else.”
DDoS attacks had already become a key part of the struggle over Ukraine long before the crisis escalated.
According to a report by British defense firm BAE Systems, a powerful digital virus has infiltrated computers in Ukraine on at least 22 occasions since 2013.
Known as “Snake,” the virus is “one of the most sophisticated and most persistent threats that we have studied,” the report said.
Snake first appeared in 2006, but appears to have been deployed in a more aggressive fashion over the past few months, with Ukraine the primary target.
Experts said the virus did not necessarily come directly from the Russian government.
Russia has the means to erase any traces of its cyberintrusions and would have been more discreet, said Eugene Kaspersky, head of the Russian IT security firm that bears his name, saying that Snake looked more like a “phishing virus” than a “cyberweapon.”