Cyberattacks on the rise since the start of the Ukraine invasion

Cyberattacks are becoming more frequent, and some businesses have registered a huge spike in these events since the start of the Russian invasion of Ukraine.

Almost one in three businesses (31%) and a quarter (26%) of charities suffering attacks said they now experience breaches or attacks at least once a week, according to the UK Department for Digital, Culture, Media and Sport.

Similar trends have been reported in the United States and the European Union.

At a recent cybersecurity hearing before the US House Committee on the Judiciary, FBI Assistant Director for Cybersecurity Bryan Vorndran said that “instances of Russian scanning have increased,” alluding to programs that conduct virtual reconnaissance to find out an organization’s weaknesses. This could suggest an imminent series of attacks against US firms and agencies.

And on Wednesday, US Attorney General Merrick Garland said that the government had removed malware from computer networks around the world that could have massively infected private computers everywhere.

Meanwhile, the Court of Auditors of the European Union said in a report that the EU’s institutions, businesses and agencies “have not achieved a level of cyber-preparedness commensurate with the threats.”

“Significant incidents (that are neither repetitive nor basic) typically involve the use of new methods and technologies and can take weeks if not months to investigate and recover from.” The report underscored one recent example, a cyberattack on the European Medicines Agency, where “sensitive data was leaked and manipulated in a way designed to undermine trust in vaccines.”

Industry firms confirm the upward trend in security breaches and point at the invasion as a trigger. “Since the Ukraine invasion, some companies that maintained activity with Russia have registered a 1,000% increase in attacks,” said Ricardo Sanz, cyber security director at the Spanish firm Evolutio.

Another cybersecurity company called Check Point said in a report that one month into the invasion, “both Russia and Ukraine saw increases in cyberattacks of 10% and 17% respectively.” It also said that in Europe, the average weekly attacks per organization a month after the war started stood at 18% higher than before the beginning of the war. In the US that figure was 14%.

“It looks like cybercriminals are increasing their efforts to make the most of the situation,” said Eusebio Nieva, Check Point’s technical director for Spain and Portugal. “The trend is visible not just in both countries involved [in the war] but in the entire world.”

Sometimes, the war serves as a cover for fraud. The cybersecurity firm Bitdefender Labs has cautioned against emails that appear to be collecting donations to help Ukraine. But many of the attacks are much more sophisticated than that. Jakub Kroustek, director of malware research at Avast, explained that in the past, malware was designed to perform a single action. But these days, “these programs are like Swiss army knives, able to perform more than one intervention, and often designed to cause more damage.”