As Ukraine enlists underground hackers to fight the Kremlin's Sandworm, should we fear Russia's cyber attacks?

As Russia doubles its land, air and sea attacks on Ukraine, in cyberspace underground hackers are now battling the Kremlin on a digital frontier.

From nut and crisp giant KP Snacks to Scotland’s own environmental watchdog SEPA, all manner of companies and institutions have been struggling to recover after having their data stolen by hacking groups like REvil and Conti, encrypted and held at ransom for giant sums of money or leaked online.

Yesterday saw Conti, responsible for SEPA’s £2.5 million attack, declared its “full support” of the Russian Government and threatened retaliation against any acts of war on Russia – which earlier this month Chainanalysis found to have links with 74 per cent of 2021’s over $400 million [£299m] ransomware attack revenue.

Sign up to our daily newsletter

But when watching footage of Russian tanks roll through the Ukrainian capital of Kyiv, it’s easy to forget the power of cyber attacks to disrupt communications and cause chaos can match that of missile strikes and shelling.

As Ukraine enlists underground hackers to fight the Kremlin's Sandworm, should we fear Russia's cyber attacks? (Image credit: Getty Images via Canva Pro)

Such is the threat of Russia’s own cyber capabilities, shown already with waves of Russian Distributed Denial of Service (DDoS) attacks flooding Ukrainian Government sites with requests and forcing them offline from Wednesday afternoon, according to British internet disruption tracker NetBlocks.

The Kremlin’s Sandworm hacking group’s handiwork was unearthed in new Cyclops Blink malware nesting in firewalls, the UK’s National Cyber Security Centre also found.

By Thursday, cyber security experts had discovered data wiper malware circulating in and around Ukraine, threatening to corrupt and wipe data on hundreds of computers as the internet flickered in cities under military attack.

Anyone who remembers the devastating WannaCry ransomware attack of 2017 will remember that what quickly followed was Russia’s unleashing of destructive Sandworm malware NotPetya, which targeted Ukraine, but raced around the world as a wiper-ransomware hybrid virus that cost logistics company Maersk $300m.

Ukrainian president Volodymyr Zelenskyy has called on Ukraine’s underground hackers to help the country fight Russian cyber attacks, with international hacker collective Anonymous coming to Ukraine’s aid in declaring cyber war on Russia on Thursday evening.

And as the rest of the world doomscrolls through live updates from Ukraine, prays for the country and remains glued to rolling coverage of Nato statements and sanction updates, it would be foolish to forget that physical boundaries and borders of war do not exist online.

A message from the Editor:

Thank you for reading this article. We're more reliant on your support than ever as the shift in consumer habits brought about by coronavirus impacts our advertisers.

If you haven't already, please consider supporting our trusted, fact-checked journalism by taking out a digital subscription.


Want to join the conversation? Please or to comment on this article.